Add coverity warning squelching for perfectly safe random() calls
where random is used in non-security-sensitive ways for things like distributing timer event load
This commit is contained in:
Heikki Hannikainen
parent
f84a9f77fc
commit
ab4c1aa9f7
|
|
@ -1207,8 +1207,10 @@ static int accept_liveupgrade_single(cJSON *client, int *rxerr_map, int rxerr_ma
|
|||
}
|
||||
/* distribute keepalive intervals for the existing old clients
|
||||
* but send them rather sooner than later */
|
||||
// coverity[dont_call] // squelch warning: not security sensitive use of random(): load distribution
|
||||
c->keepalive = tick + (random() % (keepalive_interval/2));
|
||||
/* distribute cleanup intervals over the next 2 minutes */
|
||||
// coverity[dont_call] // squelch warning: not security sensitive use of random(): load distribution
|
||||
c->cleanup = tick + (random() % 120);
|
||||
|
||||
c->connect_time = time_connect->valueint;
|
||||
|
|
|
|||
|
|
@ -589,9 +589,11 @@ static void generate_instance_id(void)
|
|||
|
||||
if (fd < 0) {
|
||||
/* urandom failed for us, use something inferior */
|
||||
for (l = 0; l < INSTANCE_ID_LEN; l++)
|
||||
for (l = 0; l < INSTANCE_ID_LEN; l++) {
|
||||
// coverity[dont_call] // squelch warning: not security sensitive use of random()
|
||||
s[l] = random() % 256;
|
||||
}
|
||||
}
|
||||
|
||||
for (l = 0; l < INSTANCE_ID_LEN; l++) {
|
||||
/* 256 is not divisible by 36, the distribution is slightly skewed,
|
||||
|
|
@ -883,6 +885,7 @@ int main(int argc, char **argv)
|
|||
|
||||
time_set_tick_and_now();
|
||||
cleanup_tick = tick;
|
||||
// coverity[dont_call] // squelch warning: not security sensitive use of random()
|
||||
version_tick = tick + random() % 60; /* some load distribution */
|
||||
startup_tick = tick;
|
||||
startup_time = now;
|
||||
|
|
|
|||
|
|
@ -548,6 +548,7 @@ int do_peergroup(struct peerip_config_t **lq, int argc, char **argv)
|
|||
/* Configure a listener */
|
||||
li = hmalloc(sizeof(*li));
|
||||
memset(li, 0, sizeof(*li));
|
||||
// coverity[dont_call] // squelch warning: not security sensitive use of random(): local id
|
||||
li->id = random();
|
||||
li->corepeer = 1;
|
||||
li->name = hstrdup(argv[1]);
|
||||
|
|
@ -1126,6 +1127,7 @@ int do_listen(struct listen_config_t **lq, int argc, char **argv)
|
|||
l->id = old_l->id;
|
||||
} else {
|
||||
/* new config, assign new id */
|
||||
// coverity[dont_call] // squelch warning: not security sensitive use of random(): local id
|
||||
l->id = random();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -30,6 +30,7 @@ void messaging_generate_msgid(char *buf, int buflen)
|
|||
int i, c;
|
||||
|
||||
for (i = 0; i < buflen-1; i++) {
|
||||
// coverity[dont_call] // squelch warning: not security sensitive use of random(): APRS message-id
|
||||
c = random() % (2*26 + 10); /* letters and numbers */
|
||||
|
||||
if (c < 10)
|
||||
|
|
|
|||
|
|
@ -430,6 +430,7 @@ int make_uplink(struct uplink_config_t *l)
|
|||
}
|
||||
|
||||
/* Pick random address to start from */
|
||||
// coverity[dont_call] // squelch warning: not security sensitive use of random()
|
||||
i = random() % addrc;
|
||||
|
||||
/* Then lets try making socket and connection in address order */
|
||||
|
|
|
|||
Loading…
Reference in New Issue