commit 5dd52ee9dc244ef9f1c71fef5077c87b109aeae3 from: Sergey Bronnikov date: Tue Dec 19 16:42:25 2023 UTC rules/lua: add a rule with init RNG without seed commit - 2dde17f520efd2390cb86337abb1738e34c9878d commit + 5dd52ee9dc244ef9f1c71fef5077c87b109aeae3 blob - f0cd683ae8b56776e52308477687dd6bbf1ac9f5 blob + 00af207b01b2d1c004bb7064cb78762e7ab84f3b --- README.md +++ README.md @@ -32,6 +32,7 @@ $ spatch --sp-file coccinelle/mmap_map_failed.cocci -- - `basic/fd_leak` - `basic/func_inside_func` - `basic/immutable_looping_variables` +- `basic/init_rng_without_seed` - `basic/loadstring` - `basic/magic_number` - `basic/pcall_err_handling` blob - /dev/null blob + 9292ee2e047e5377ee9a7d298b7ba16e99d1a0e8 (mode 644) --- /dev/null +++ rules/lua/basic/init_rng_without_seed.lua @@ -0,0 +1,8 @@ +-- ruleid: init_rng_without_seed +math.random() + +-- ok: init_rng_without_seed +math.random(os.time()) + +-- ok: init_rng_without_seed +math.random(384) blob - /dev/null blob + 6c50db91c69ce4e811ff303ae58a4c7a9c5e082c (mode 644) --- /dev/null +++ rules/lua/basic/init_rng_without_seed.yaml @@ -0,0 +1,14 @@ +rules: + - id: init_rng_without_seed + patterns: + - pattern: | + ... + math.random(...) + ... + - pattern-not: | + ... + math.random() + ... + message: math.random() is used without random seed. + languages: [lua] + severity: INFO