23374838686

Committed 21 Mar 2026 07:29AM UTC coverage: 59.341% (-20.0%) from 79.315%

Build # 23374838686

Build Type

Pull #15075

github

Committed by

web-flow

Commit Message

Merge 90b4e834f into 6587e363a

Pull Request Pull Request #15075: Stack 8001 v16.4

Coverage Stats

38 of 70 new or added lines in 10 files covered. (54.29%)

34165 existing lines in 563 files now uncovered.

119621 of 201584 relevant lines covered (59.34%)

650666.92 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

14.29

/src/util-random.c

/* Copyright (C) 2007-2017 Open Information Security Foundation
 *
 * You can copy, redistribute or modify this Program under the terms of
 * the GNU General Public License version 2 as published by the Free
 * Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * version 2 along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA.
 */

/**
 * \file
 *
 * \author Victor Julien <victor@inliniac.net>
 *
 * Functions for getting a random value based on
 * SEI CERT C Coding Standard MSC30-C
 */

#include "suricata-common.h"
#include "suricata.h"
#include "util-random.h"
#include "util-debug.h"

#if !(defined(HAVE_WINCRYPT_H) &&  defined(OS_WIN32))
#if defined(HAVE_CLOCK_GETTIME)

static long int RandomGetClock(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_REALTIME, &ts);

    // coverity[dont_call : FALSE]
    srandom((unsigned int)(ts.tv_nsec ^ ts.tv_sec));
    long int value = random();
    return value;
}

#else

static long int RandomGetPosix(void)
{
    struct timeval tv;
    memset(&tv, 0, sizeof(tv));
    gettimeofday(&tv, NULL);

    // coverity[dont_call : FALSE]
    srandom(tv.tv_usec ^ tv.tv_sec);
    long int value = random();
    return value;
}

#endif
#endif /* !(defined(HAVE_WINCRYPT_H) &&  defined(OS_WIN32)) */

#if defined(HAVE_WINCRYPT_H) && defined(OS_WIN32)
#include <wincrypt.h>

long int RandomGet(void)
{
    if (g_disable_randomness)
        return 0;

    HCRYPTPROV p;
    if (!CryptAcquireContext(&p, NULL, NULL, PROV_RSA_FULL, 0)) {
        DWORD err = GetLastError();
        SCLogDebug("CryptAcquireContext error: %" PRIu32, (uint32_t)err);
        if (err == (DWORD)NTE_BAD_KEYSET) {
            /* The key doesn't exist yet, create it */
            if (!CryptAcquireContext(&p, NULL, NULL, PROV_RSA_FULL,
                                     CRYPT_NEWKEYSET)) {

                SCLogDebug("CryptAcquireContext error: %" PRIu32,
                           (uint32_t)err);
                return -1;
            }
        } else {
            return -1;
        }
    }

    long int value = 0;
    if (!CryptGenRandom(p, sizeof(value), (BYTE *)&value)) {
        (void)CryptReleaseContext(p, 0);
        return -1;
    }

    (void)CryptReleaseContext(p, 0);

    return value;
}
#elif defined(HAVE_GETRANDOM)
long int RandomGet(void)
{
    if (g_disable_randomness)
        return 0;

    long int value = 0;
    ssize_t ret = getrandom(&value, sizeof(value), 0);
    /* ret should be sizeof(value), but if it is > 0 and < sizeof(value)
     * it's still better than nothing so we return what we have */
    if (ret <= 0) {
        if (ret == -1 && errno == ENOSYS) {
#if defined(HAVE_CLOCK_GETTIME)
            return RandomGetClock();
#else
            return RandomGetPosix();
#endif
        }
        return -1;
    }
    return value;
}
#elif defined(HAVE_CLOCK_GETTIME)
long int RandomGet(void)
{
    if (g_disable_randomness)
        return 0;

    return RandomGetClock();
}
#else
long int RandomGet(void)
{
    if (g_disable_randomness)
        return 0;

    return RandomGetPosix();
}
#endif

1	/* Copyright (C) 2007-2017 Open Information Security Foundation
2	*
3	* You can copy, redistribute or modify this Program under the terms of
4	* the GNU General Public License version 2 as published by the Free
5	* Software Foundation.
6	*
7	* This program is distributed in the hope that it will be useful,
8	* but WITHOUT ANY WARRANTY; without even the implied warranty of
9	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10	* GNU General Public License for more details.
11	*
12	* You should have received a copy of the GNU General Public License
13	* version 2 along with this program; if not, write to the Free Software
14	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15	* 02110-1301, USA.
16	*/
17
18	/**
19	* \file
20	*
21	* \author Victor Julien <victor@inliniac.net>
22	*
23	* Functions for getting a random value based on
24	* SEI CERT C Coding Standard MSC30-C
25	*/
26
27	#include "suricata-common.h"
28	#include "suricata.h"
29	#include "util-random.h"
30	#include "util-debug.h"
31
32	#if !(defined(HAVE_WINCRYPT_H) && defined(OS_WIN32))
33	#if defined(HAVE_CLOCK_GETTIME)
34
35	static long int RandomGetClock(void)
36	{	×
37	struct timespec ts;	×
38	clock_gettime(CLOCK_REALTIME, &ts);	×
39
40	// coverity[dont_call : FALSE]
41	srandom((unsigned int)(ts.tv_nsec ^ ts.tv_sec));	×
42	long int value = random();	×
43	return value;	×
44	}	×
45
46	#else
47
48	static long int RandomGetPosix(void)
49	{
50	struct timeval tv;
51	memset(&tv, 0, sizeof(tv));
52	gettimeofday(&tv, NULL);
53
54	// coverity[dont_call : FALSE]
55	srandom(tv.tv_usec ^ tv.tv_sec);
56	long int value = random();
57	return value;
58	}
59
60	#endif
61	#endif /* !(defined(HAVE_WINCRYPT_H) && defined(OS_WIN32)) */
62
63	#if defined(HAVE_WINCRYPT_H) && defined(OS_WIN32)
64	#include <wincrypt.h>
65
66	long int RandomGet(void)
67	{
68	if (g_disable_randomness)
69	return 0;
70
71	HCRYPTPROV p;
72	if (!CryptAcquireContext(&p, NULL, NULL, PROV_RSA_FULL, 0)) {
73	DWORD err = GetLastError();
74	SCLogDebug("CryptAcquireContext error: %" PRIu32, (uint32_t)err);
75	if (err == (DWORD)NTE_BAD_KEYSET) {
76	/* The key doesn't exist yet, create it */
77	if (!CryptAcquireContext(&p, NULL, NULL, PROV_RSA_FULL,
78	CRYPT_NEWKEYSET)) {
79
80	SCLogDebug("CryptAcquireContext error: %" PRIu32,
81	(uint32_t)err);
82	return -1;
83	}
84	} else {
85	return -1;
86	}
87	}
88
89	long int value = 0;
90	if (!CryptGenRandom(p, sizeof(value), (BYTE *)&value)) {
91	(void)CryptReleaseContext(p, 0);
92	return -1;
93	}
94
95	(void)CryptReleaseContext(p, 0);
96
97	return value;
98	}
99	#elif defined(HAVE_GETRANDOM)
100	long int RandomGet(void)
101	{	11,197✔
102	if (g_disable_randomness)	11,197✔
103	return 0;	11,197✔
104
UNCOV 105	long int value = 0;	×
UNCOV 106	ssize_t ret = getrandom(&value, sizeof(value), 0);	×
107	/* ret should be sizeof(value), but if it is > 0 and < sizeof(value)
108	* it's still better than nothing so we return what we have */
UNCOV 109	if (ret <= 0) {	×
110	if (ret == -1 && errno == ENOSYS) {	×
111	#if defined(HAVE_CLOCK_GETTIME)	×
112	return RandomGetClock();	×
113	#else
114	return RandomGetPosix();
115	#endif
116	}	×
117	return -1;	×
118	}	×
UNCOV 119	return value;	×
UNCOV 120	}	×
121	#elif defined(HAVE_CLOCK_GETTIME)
122	long int RandomGet(void)
123	{
124	if (g_disable_randomness)
125	return 0;
126
127	return RandomGetClock();
128	}
129	#else
130	long int RandomGet(void)
131	{
132	if (g_disable_randomness)
133	return 0;
134
135	return RandomGetPosix();
136	}
137	#endif

OISF / suricata / 23374838686

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous