Deterministic random output from constant seed

Seeding routine uses a constant seed making the output deterministic

Description

This defect occurs when you use standard random number generator functions that have deterministic output given a constant seed.

The checker detects this issue with the following random number generator functions:

C Standard Library functions such as srand, srandom and initstate
OpenSSL functions such as RAND_seed and RAND_add
C++ Standard Library functions such as std::linear_congruential_engine<>::seed() and std::mersenne_twister_engine<>::seed() (and also the constructors of these class templates)

Risk

With constant seeds, random number generator functions produce the same output every time your program is run. A hacker can disrupt your program if they know how your program behaves.

Fix

Use a different random standard function or use a nonconstant seed.

Some standard random routines are inherently cryptographically weak, and should not be used for security purposes.

Examples

expand all

Random Number Generator Initialization

#include <stdlib.h>

void random_num(void)
{
    srand(12345U);
    /* ... */
}

This example initializes a random number generator using srand with a constant seed. The random number generation is deterministic, making this function cryptographically weak.

Correction — Use Different Random Number Generator

One possible correction is to use a random number generator that does not require a seed. This example uses rand_s.


#define _CRT_RAND_S
#include <stdlib.h>
#include <stdio.h>

unsigned int random_num_time(void)
{

    unsigned int number;
    errno_t err;
    err = rand_s(&number);

    if(err != 0)
    {
        return number;
    }
    else
    {
        return err;
    }
}

Result Information

Group: Security

Language: C | C++

Default: Off

Command-Line Syntax: RAND_SEED_CONSTANT

Impact: Medium

Version History

Introduced in R2015b