Gitiles
Code Review Sign In
osm.etsi.org / osm / NG-UI / faf168f6b4d44a688ca7857b7937ed891b0b71b9^! / .
commitfaf168f6b4d44a688ca7857b7937ed891b0b71b9[log] [tgz]
authorSANDHYA.JS <sandhya.j@tataelxsi.co.in>Thu Mar 07 23:08:48 2024 +0530
committerjssan <sandhya.j@tataelxsi.co.in>Fri May 31 08:31:41 2024 +0200
tree26c6a337b0690e046a44b33a974b5521ccd11512
parent995c6728dfcd126c3e6f1febaf9a3399803153d1 [diff]
Coverity-CWE 330: Use of Insufficiently Random Values

	- Resolved Cryptographically weak PRNG issue by not using
	  Math.random() in code.

Change-Id: I237d90caba67d4b866e910c895b88ef3b292353f
Signed-off-by: SANDHYA.JS <sandhya.j@tataelxsi.co.in>
(cherry picked from commit afb9ebdbde72010cb60dc91d605e0b250b4f6cd4)

diff --git a/src/services/SharedService.ts b/src/services/SharedService.ts
index 2a5f50f..8fb51bf 100644
--- a/src/services/SharedService.ts
+++ b/src/services/SharedService.ts

@@ -128,9 +128,13 @@
     // eslint-disable-next-line @typescript-eslint/no-magic-numbers
     private randomStringLength: number = 4;
 
-    /** Max length of Uint8Array */
+    /** express number for rgb manipulation */
     // eslint-disable-next-line @typescript-eslint/no-magic-numbers
-    private unit8Array: number = 255;
+    private colourHour: number = 10;
+
+    /** express number for rgb manipulation*/
+    // eslint-disable-next-line @typescript-eslint/no-magic-numbers
+    private colourMin: number = 5;
 
     /** Instance of the rest service @private */
     private restService: RestService;
@@ -138,10 +142,6 @@
     /** Service holds the router information @private */
     private router: Router;
 
-    /** Random color string generator length @private */
-    // eslint-disable-next-line @typescript-eslint/no-magic-numbers
-    private colorStringLength: number = 256;
-
     /** Check for the root directory @private */
     // eslint-disable-next-line @typescript-eslint/no-magic-numbers
     private directoryCount: number = 2;
@@ -260,10 +260,9 @@
 
     /** Generate random string @public */
     public randomString(): string {
-        const chars: string = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
         let result: string = '';
         for (let randomStringRef: number = this.randomStringLength; randomStringRef > 0; --randomStringRef) {
-            result += chars[Math.floor(Math.random() * chars.length)];
+            result += new Date().getSeconds();
         }
         return result;
     }
@@ -426,9 +425,9 @@
 
     /** Random RGB color code generator @public */
     public generateColor(): string {
-        const x: number = Math.floor(Math.random() * this.colorStringLength);
-        const y: number = Math.floor(Math.random() * this.colorStringLength);
-        const z: number = Math.floor(Math.random() * this.colorStringLength);
+        const x: number = Math.floor((new Date().getHours()) * this.colourHour);
+        const y: number = Math.floor((new Date().getMinutes()) * this.colourMin);
+        const z: number = Math.floor((new Date().getSeconds()) * this.colourMin);
         return 'rgb(' + x + ',' + y + ',' + z + ')';
     }