SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 134

changes.mady.by.user Aleksandr Karbyshev

Saved on

compared with

New Version Current

changes.mady.by.user Francesco Mariani

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

On Windows platforms, the BcryptGenRandomBCryptGenRandom() function can be used to generate cryptographically strong random numbers. The Microsoft Developer Network BCryptGenRandom() reference [MSDN] states:

...

The use of the rand() function can result in predictable random numbers.

Rule

Severity

Likelihood

Detectable

Remediation CostRepairable

Priority

Level

MSC30-C

Medium

Unlikely

Yes

NoLow

P6P4

L2L3

Automated Detection

Supported, but no explicit checkerVulnerable 5022

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
stdlib-use-randFully checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-MSC30
Clang
Include Page
Clang_40_V
Clang_40_V
cert-msc30-cChecked by clang-tidy
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
BADFUNC.RANDOM.RANDUse of rand
Compass/ROSE




Coverity
Include Page
Coverity_V
Coverity_V

DONTCALL

Implemented - weak support
Cppcheck Premium

Include Page
Cppcheck Premium_V
Cppcheck Premium_V

premium-cert-msc30-c

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.MSC30

Fully implemented

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C5022

C++5029


Klocwork
Include Page
Klocwork_V
Klocwork_V

CERT.MSC.STD_RAND_CALL


LDRA tool suite
Include Page
LDRA_V
LDRA_V
44 SEnhanced enforcement
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-MSC30-a

Do not use the rand() function for generating pseudorandom numbers
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

586

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule MSC30-CChecks for vulnerable pseudo-random number generator

Using a cryptographically weak pseudo-random number generator

PRQA QA-C
Include Page
PRQA QA-C_vPRQA QA-C_v(rule fully covered)


RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

stdlib-use-randFully checked
Security Reviewer - Static Reviewer

Include Page
Security Reviewer - Static Reviewer_V
Security Reviewer - Static Reviewer_V

RTOS_07Fully implemented

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Key here for mapping notes

CWE-327 and MSC30-C


  • CWE-327 forbids “broken or risky cryptographic algorithms” but does not specify what constitutes such an algo.



  • Per CERT judgement, rand() qualifies, so:



  • CWE-327 = Union( MSC30-C, list) where list =



  • Invocation of broken/risky crypto algorithms besides rand()


CWE-338 and MSC30-C

CWE-338 = Union( MSC30-C, list) where list =


  • Use of a weak PRNG besides standard C rand().


CWE-330 and MSC30-C

Independent( MSC30-C, MSC32-C, CON33-C)

...

MSC30-C, MSC32-C and CON33-C are independent, they have no intersections. They each specify distinct errors regarding PRNGs.

CWE-676 and MSC30-C


  • Independent( ENV33-C, CON33-C, STR31-C, EXP33-C, MSC30-C, ERR34-C)



  • MSC30-C implies that rand() is dangerous.



  • CWE-676 = Union( MSC30-C, list) where list =



  • Invocation of other dangerous functions, besides rand().


Bibliography

[MSDN]

"BCryptGenRandom() Function"

[OpenBSD]arc4random()

...