Added fix for CWE 330: Use of Insufficiently Random Value (Cryptographically weak PRNG)
Change-Id: If17007c4e14fa91b3c378a504e7fbd03ea44a69b
Signed-off-by: selvi.j <selvi.j@tataelxsi.co.in>
__date__ = "$2019-10-019"
import unittest
__date__ = "$2019-10-019"
import unittest
from unittest import TestCase
from unittest.mock import Mock, patch, call
from uuid import uuid4
from http import HTTPStatus
from time import time
from unittest import TestCase
from unittest.mock import Mock, patch, call
from uuid import uuid4
from http import HTTPStatus
from time import time
-from random import randint
from osm_common import dbbase, fsbase, msgbase
from osm_nbi import authconn, validation
from osm_nbi.admin_topics import (
from osm_common import dbbase, fsbase, msgbase
from osm_nbi import authconn, validation
from osm_nbi.admin_topics import (
with self.subTest(i=1):
self.auth.get_project_list.side_effect = [[proj], []]
new_name = "new-project-name"
with self.subTest(i=1):
self.auth.get_project_list.side_effect = [[proj], []]
new_name = "new-project-name"
- quotas = {"vnfds": randint(0, 100), "nsds": randint(0, 100)}
+ quotas = {
+ "vnfds": random.SystemRandom().randint(0, 100),
+ "nsds": random.SystemRandom().randint(0, 100),
+ }
self.topic.edit(
self.fake_session, pid, {"name": new_name, "quotas": quotas}
)
self.topic.edit(
self.fake_session, pid, {"name": new_name, "quotas": quotas}
)
self.assertEqual(content["quotas"], quotas, "Wrong quotas")
with self.subTest(i=2):
new_name = "other-project-name"
self.assertEqual(content["quotas"], quotas, "Wrong quotas")
with self.subTest(i=2):
new_name = "other-project-name"
- quotas = {"baditems": randint(0, 100)}
+ quotas = {"baditems": random.SystemRandom().randint(0, 100)}
self.auth.get_project_list.side_effect = [[proj], []]
with self.assertRaises(EngineException, msg="Accepted wrong quotas") as e:
self.topic.edit(
self.auth.get_project_list.side_effect = [[proj], []]
with self.assertRaises(EngineException, msg="Accepted wrong quotas") as e:
self.topic.edit(