projects / osm / POL.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ecf3f13)
Coverity-CWE 330: Use of Insufficiently Random Values (137944 Cryptographically weak... 96/13296/3
authork4.rahul <rahul.k4@tataelxsi.co.in>
Thu, 27 Apr 2023 06:55:59 +0000 (12:25 +0530)
committerelumalai <deepika.e@tataelxsi.co.in>
Fri, 31 May 2024 06:23:06 +0000 (08:23 +0200)
Added fix for CWE 330: Use of Insufficiently Random Value (Cryptographically weak PRNG)
use SystemRandom().randint() instead of randint() to generate Cryptographically secure
random values

Change-Id: I02b5ce9bf1826f60a183d6e793cb0661dc120a43
Signed-off-by: k4.rahul <rahul.k4@tataelxsi.co.in>
osm_policy_module/common/mon_client.py patch | blob | history

diff --git a/osm_policy_module/common/mon_client.py b/osm_policy_module/common/mon_client.py
index 0142096..e4f7533 100644 (file)
--- a/osm_policy_module/common/mon_client.py
+++ b/osm_policy_module/common/mon_client.py
@@ -23,7 +23,7 @@
 ##
 import json
 import logging
-import random
+from random import SystemRandom
 from json import JSONDecodeError
 
 import yaml
@@ -53,7 +53,7 @@ class MonClient:
         vnfr: object = None,
         vnfd: object = None,
     ):
-        cor_id = random.randint(1, 10e7)
+        cor_id = SystemRandom().randint(1, 10e7)
         msg = self._build_create_alarm_payload(
             cor_id,
             metric_name,
@@ -111,7 +111,7 @@ class MonClient:
     async def delete_alarm(
         self, ns_id: str, vnf_member_index: str, vdu_name: str, alarm_uuid: str
     ):
-        cor_id = random.randint(1, 10e7)
+        cor_id = SystemRandom().randint(1, 10e7)
         msg = self._build_delete_alarm_payload(
             cor_id, ns_id, vdu_name, vnf_member_index, alarm_uuid
         )