From: k4.rahul Date: Thu, 27 Apr 2023 06:55:59 +0000 (+0530) Subject: Coverity-CWE 330: Use of Insufficiently Random Values (137944 Cryptographically weak... X-Git-Tag: release-v16.0-start~2 X-Git-Url: https://osm.etsi.org/gitweb/?a=commitdiff_plain;h=bfe6988e8ec5ad9283200f46134529cac10e006c;p=osm%2FPOL.git Coverity-CWE 330: Use of Insufficiently Random Values (137944 Cryptographically weak PRNG) Added fix for CWE 330: Use of Insufficiently Random Value (Cryptographically weak PRNG) use SystemRandom().randint() instead of randint() to generate Cryptographically secure random values Change-Id: I02b5ce9bf1826f60a183d6e793cb0661dc120a43 Signed-off-by: k4.rahul --- diff --git a/osm_policy_module/common/mon_client.py b/osm_policy_module/common/mon_client.py index 0142096..e4f7533 100644 --- a/osm_policy_module/common/mon_client.py +++ b/osm_policy_module/common/mon_client.py @@ -23,7 +23,7 @@ ## import json import logging -import random +from random import SystemRandom from json import JSONDecodeError import yaml @@ -53,7 +53,7 @@ class MonClient: vnfr: object = None, vnfd: object = None, ): - cor_id = random.randint(1, 10e7) + cor_id = SystemRandom().randint(1, 10e7) msg = self._build_create_alarm_payload( cor_id, metric_name, @@ -111,7 +111,7 @@ class MonClient: async def delete_alarm( self, ns_id: str, vnf_member_index: str, vdu_name: str, alarm_uuid: str ): - cor_id = random.randint(1, 10e7) + cor_id = SystemRandom().randint(1, 10e7) msg = self._build_delete_alarm_payload( cor_id, ns_id, vdu_name, vnf_member_index, alarm_uuid )