[clang-tools-extra] [clang-tidy] Move 'cert-msc51-cpp', 'cert-msc32-c' checks outside of 'cert' module and give a proper name (PR #167143)

Baranov Victor via cfe-commits Sun, 09 Nov 2025 00:56:06 -0800

================
@@ -0,0 +1,44 @@
+.. title:: clang-tidy - bugprone-random-generator-seed
+
+bugprone-random-generator-seed
+==============================
+
+Flags all pseudo-random number engines, engine adaptor
+instantiations and ``srand()`` when initialized or seeded with default 
argument,
+constant expression or any user-configurable type. Pseudo-random number
+engines seeded with a predictable value may cause vulnerabilities e.g. in
+security protocols.
+
+Examples:
+
+.. code-block:: c++
+
+  void foo() {
+    std::mt19937 engine1; // Diagnose, always generate the same sequence
+    std::mt19937 engine2(1); // Diagnose
+    engine1.seed(); // Diagnose
+    engine2.seed(1); // Diagnose
+
+    std::time_t t;
+    engine1.seed(std::time(&t)); // Diagnose, system time might be controlled 
by user
+
+    int x = atoi(argv[1]);
+    std::mt19937 engine3(x);  // Will not warn
+  }
+
+Options
+-------
+
+.. option:: DisallowedSeedTypes
+
+   A comma-separated list of the type names which are disallowed.
+   Default value is `time_t,std::time_t`.
+
+References
+----------
+
+This is a CERT security rule, see
----------------
vbvictor wrote:


```suggestion
This check corresponds to the CERT C++ Coding Standard rules
```

https://github.com/llvm/llvm-project/pull/167143
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang-tools-extra] [clang-tidy] Move 'cert-msc51-cpp', 'cert-msc32-c' checks outside of 'cert' module and give a proper name (PR #167143)

Reply via email to