unum: Check usage of rand functions (#107)

SW-2108
MinimSecure · Sep 8, 2022 · 1681a53 · 1681a53
1 parent 22cdf54
commit 1681a53
Show file tree

Hide file tree

Showing 10 changed files with 14 additions and 14 deletions.
diff --git a/src/unum/activate/activate.c b/src/unum/activate/activate.c
@@ -240,7 +240,7 @@ static void activate(THRD_PARAM_t *p)
 #if ACTIVATE_PERIOD_START > 0
     // Random delay at startup to avoid all APs poll server
     // at the same time after large area power outage.
-    delay = rand() % ACTIVATE_PERIOD_START;
+    delay = rand() % ACTIVATE_PERIOD_START;    //SW-2108 Verified rand is used safely
     log("%s: delaying first attempt to %d sec\n", __func__, delay);
     sleep(delay);
 #endif // ACTIVATE_PERIOD_START > 0
@@ -338,7 +338,7 @@ static void activate(THRD_PARAM_t *p)
 
             // Calculate delay before next activation attempt
             if(delay < ACTIVATE_MAX_PERIOD) {
-                delay += rand() % ACTIVATE_PERIOD_INC;
+                delay += rand() % ACTIVATE_PERIOD_INC;    //SW-2108 Verified rand is used safely
             }
             if(delay > ACTIVATE_MAX_PERIOD) {
                 delay = ACTIVATE_MAX_PERIOD;

diff --git a/src/unum/cmdproc/fetch_urls.c b/src/unum/cmdproc/fetch_urls.c
@@ -347,7 +347,7 @@ static int add_req(const char *cookie, json_t *root, json_t *req)
 
         // Pick a cell (start at random spot)
         int idx, ii;
-        idx = rand() % FETCH_URLS_QUEUE_LIMIT;
+        idx = rand() % FETCH_URLS_QUEUE_LIMIT;    //SW-2108 Verified rand is used safely
         for(ii = 0; ii < FETCH_URLS_QUEUE_LIMIT; ii++) {
             if(!fetch_a[idx].req) {
                 break;

diff --git a/src/unum/cmdproc/pingflood.c b/src/unum/cmdproc/pingflood.c
@@ -74,7 +74,7 @@ static int fill_ip_hdr(void *ptr, IPV4_ADDR_t *src, IPV4_ADDR_t *dst,
     ip->ihl = 5;        // 20 bytes header
     ip->tos = IPTOS_THROUGHPUT;
     ip->tot_len = htons(payload_len + sizeof(struct iphdr));
-    ip->id = htons((unsigned short)rand()); // ID
+    ip->id = htons((unsigned short)rand()); // ID ; SW-2108 Verified rand is used safely
     ip->ttl = 64;       // Max hops
     ip->protocol = 1;   // ICMP
     ip->saddr = src->i; // Src IP

diff --git a/src/unum/fw_update/fw_update.c b/src/unum/fw_update/fw_update.c
@@ -71,7 +71,7 @@ static void fw_update(void)
 
     // Random delay at startup to avoid all APs poll server
     // at the same time after large area power outage.
-    delay = rand() % FW_UPDATE_CHECK_PERIOD;
+    delay = rand() % FW_UPDATE_CHECK_PERIOD;    //SW-2108 Verified rand is used safely
     log("%s: delaying updater startup for %d sec\n", __func__, delay);
     sleep(delay);
 

diff --git a/src/unum/provision/provision.c b/src/unum/provision/provision.c
@@ -107,7 +107,7 @@ static void provision(THRD_PARAM_t *p)
 #if PROVISION_PERIOD_START > 0
     // Random delay at startup to avoid all APs poll server
     // at the same time after large area power outage.
-    delay = rand() % PROVISION_PERIOD_START;
+    delay = rand() % PROVISION_PERIOD_START;    //SW-2108 Verified rand is used safely
     log("%s: delaying first attempt to %d sec\n", __func__, delay);
     sleep(delay);
 #endif // PROVISION_PERIOD_START > 0
@@ -218,7 +218,7 @@ static void provision(THRD_PARAM_t *p)
 
         // Calculate delay delay before next provisioning attempt
         if(delay < PROVISION_MAX_PERIOD) {
-            delay += rand() % PROVISION_PERIOD_INC;
+            delay += rand() % PROVISION_PERIOD_INC;    //SW-2108 Verified rand is used safely
         }
         if(delay > PROVISION_MAX_PERIOD) {
             delay = PROVISION_MAX_PERIOD;

diff --git a/src/unum/security/port_scan.c b/src/unum/security/port_scan.c
@@ -422,7 +422,7 @@ static int scan_device(PORT_SCAN_DEVICE_t *port_scan_device)
 
         // Pick random source port (if we inadvertently pick one that is in use)
         // it will mean a performance hit, but should not cause any major issue.
-        unsigned short sport_h = 0x7fff + (rand() & 0x7fff);
+        unsigned short sport_h = 0x7fff + (rand() & 0x7fff);    //SW-2108 Verified rand is used safely
         unsigned short sport = htons(sport_h);
 
         log_dbg("%s: scanning " IP_PRINTF_FMT_TPL " from port %d\n",
@@ -435,7 +435,7 @@ static int scan_device(PORT_SCAN_DEVICE_t *port_scan_device)
         scan_params.ipv4_dst.i = ipv4.i;
         scan_params.to_scan = to_scan;
         scan_params.from_scan = from_scan;
-        scan_params.seq = (rand() << 16) ^ rand();
+        scan_params.seq = (rand() << 16) ^ rand();    //SW-2108 Verified rand is used safely
 
         // Prepare and activate the receiving callback handling the
         // scan responses
@@ -540,7 +540,7 @@ static int add_device(json_t *devices, json_t *device) {
     {
         // Pick a cell (start at random spot)
         int idx, ii;
-        idx = rand() % PORT_SCAN_QUEUE_LIMIT;
+        idx = rand() % PORT_SCAN_QUEUE_LIMIT;    //SW-2108 Verified rand is used safely
         for(ii = 0; ii < PORT_SCAN_QUEUE_LIMIT; ii++) {
             if(!g_devices_a[idx].device) {
                 break;

diff --git a/src/unum/support/support.c b/src/unum/support/support.c
@@ -72,7 +72,7 @@ static void support(void)
 #if SUPPORT_STARTUP_DELAY_RANDOM > 0
     // Random delay at startup to avoid all devices trying to connect
     // at the same time after large area power outage.
-    delay += rand() % SUPPORT_STARTUP_DELAY_RANDOM;
+    delay += rand() % SUPPORT_STARTUP_DELAY_RANDOM;    //SW-2108 Verified rand is used safely
 #endif // SUPPORT_STARTUP_DELAY_RANDOM > 0
 
 #if (SUPPORT_STARTUP_DELAY_FIXED + SUPPORT_STARTUP_DELAY_RANDOM) > 0

diff --git a/src/unum/util/util.c b/src/unum/util/util.c
@@ -698,7 +698,7 @@ int util_init(int level)
         seed += (unsigned int)util_time(1000000000);
         srand(seed);
         // Initialize the seed for the hash function
-        hash_seed = rand();
+        hash_seed = rand();    //SW-2108 Verified rand is used safely
     }
     // Init default server list
     if(level == INIT_LEVEL_SETUP) {

diff --git a/src/unum/util/util_timer.c b/src/unum/util/util_timer.c
@@ -52,7 +52,7 @@ TIMER_HANDLE_t util_timer_set(unsigned int msecs, const char *name,
     {
         // Pick a cell (start at random spot)
         int idx, ii;
-        idx = rand() % UTIL_MAX_TIMERS;
+        idx = rand() % UTIL_MAX_TIMERS;    //SW-2108 Verified rand is used safely
         for(ii = 0; ii < UTIL_MAX_TIMERS; ii++) {
             if(!timer_a[idx].f) {
                 break;

diff --git a/src/unum/zip/crypt.h b/src/unum/zip/crypt.h
@@ -114,7 +114,7 @@ static int crypthead(const char* passwd,      /* password string */
     init_keys(passwd, pkeys, pcrc_32_tab);
     for (n = 0; n < RAND_HEAD_LEN-2; n++)
     {
-        c = (rand() >> 7) & 0xff;
+        c = (rand() >> 7) & 0xff;    //SW-2108 Verified rand is used safely. See original source comment above.
         header[n] = (unsigned char)zencode(pkeys, pcrc_32_tab, c, t);
     }
     /* Encrypt random header (last two bytes is high word of crc) */