Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MSC51-CPP

Medium

Likely

Low

P18

L1

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

default-construction
Partially checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC++-MSC51
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

HARDCODED.SEED
MISC.CRYPTO.TIMESEED

Hardcoded Seed in PRNG
Predictable Seed in PRNG

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++5041
Klocwork
Include Page
Klocwork_V
Klocwork_V
AUTOSAR.STDLIB.RANDOM.NBR_GEN_DEFAULT_INIT
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: MSC51-CPP

Checks for:

  • Deterministic random output from constant seed
  • Predictable random output from predictable seed

Rule partially covered.

Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_CPP-MSC51-a

Properly seed pseudorandom number generators

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V1057
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
default-construction
Partially checked

Related Vulnerabilities

Using a predictable seed value, such as the current time, result in numerous vulnerabilities, such as the one described by CVE-2008-1637.

...