Uploaded image for project: 'HPCC'
  1. HPCC
  2. HPCC-18586

Investigate severity of Coverity zcrypt WEAK_CRYPTO warning.

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Accepted
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Core Libraries
    • Labels:
      None
    • Compatibility:
      Minor

      Description

      Coverity warning:

      CID 1225234 (#1 of 1): Calling risky function (DC.WEAK_CRYPTO)
      dont_call: rand should not be used for security related applications, as linear congruential algorithms are too easy to break.
      Use a compliant random number generator, such as /dev/random or /dev/urandom on Unix-like systems, and CryptGenRandom on Windows.

      118        c = (rand() >> 7) & 0xff;
      

        Attachments

          Activity

            People

            • Assignee:
              mayx Yanrui Ma
              Reporter:
              jakesmith Jake Smith
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: