Coverity analysis defect 72071: Don't call

XMLWordPrintableJSON

    • Fully Compatible
    • ALL
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None

      The called function is unsafe for security related code

      Defect 72071 (STATIC_C)
      Checker DC.WEAK_CRYPTO (subcategory none)
      File: /src/mongo/scripting/bson_template_evaluator.cpp
      Function mongo::BsonTemplateEvaluator::evalRandInt(mongo::BsonTemplateEvaluator*, const char *, const mongo::BSONObj &, mongo::BSONObjBuilder &)
      /src/mongo/scripting/bson_template_evaluator.cpp, line: 172
      "rand()" should not be used for security related applications, as linear congruential algorithms are too easy to break.

                  int randomNum = min + (rand() % (max - min));
      

            Assignee:
            Matt Kangas (Inactive)
            Reporter:
            Coverity Collector User
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: