...
This rule appears in the C++ Secure Coding Standard as MSC30-CPP. Do not use the rand() function for generating pseudorandom numbers.
...
Bibliography
Wiki Markup |
---|
\[[API 2006|https://www.securecoding.cert.org/confluence/display/java/AA.+Java+References#AA.JavaReferences-API06]\] [Class Random|http://java.sun.com/javase/6/docs/api/java/util/Random.html] \[[API 2006|https://www.securecoding.cert.org/confluence/display/java/AA.+Java+References#AA.JavaReferences-API06]\] [Class SecureRandom|http://java.sun.com/javase/6/docs/api/java/security/SecureRandom.html] \[[Find Bugs 2008|https://www.securecoding.cert.org/confluence/display/java/AA.+Java+References#AA.JavaReferences-FindBugs08]\] BC: Random objects created and used only once \[[Monsch 2006|AA. Bibliography#Monsch 06]\] \[[MITRE 2009|AA. Bibliography#MITRE 09]\] [CWE ID 330|http://cwe.mitre.org/data/definitions/330.html] "Use of Insufficiently Random Values", [CWE ID 327 |http://cwe.mitre.org/data/definitions/327.html], "Use of a Broken or Risky Cryptographic Algorithm," [CWE ID 330|http://cwe.mitre.org/data/definitions/330.html], "Use of Insufficiently Random Values", [CWE ID 333| http://cwe.mitre.org/data/definitions/333.html] "Failure to Handle Insufficient Entropy in TRNG", [CWE ID 332|http://cwe.mitre.org/data/definitions/332.html] "Insufficient Entropy in PRNG", [CWE ID 337|http://cwe.mitre.org/data/definitions/337.html] "Predictable Seed in PRNG", [CWE ID 336|http://cwe.mitre.org/data/definitions/336.html] "Same Seed in PRNG" |
...