datarhei / gosrt

Implementation of the SRT protocol in pure Go
https://datarhei.com
MIT License

use crypto/rand instead of math/rand #23

Closed aler9 closed 11 months ago

aler9 commented 11 months ago

math/rand has a predictable output that entirely depends on the seed, which can be estimated by using brute-force attacks. It is advised to replace it with crypto/rand even in features that apparently don't play a role in security.
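The difference described in the comment above, as an added Go example that is not part of this pull request or of gosrt's code: `math/rand` output is a pure function of its seed, while `crypto/rand` reads from the operating system CSPRNG and can fail, so its error has to be handled. The function names are hypothetical, and the 31-bit bound is only an assumed example of a protocol field width.

```go
package main

import (
	crand "crypto/rand"
	"encoding/binary"
	"fmt"
	"math/big"
	mrand "math/rand"
)

// mathRandValues returns the first n outputs of math/rand for a seed.
// Whoever learns or guesses the seed can reproduce every value.
func mathRandValues(seed int64, n int) []uint32 {
	r := mrand.New(mrand.NewSource(seed))
	out := make([]uint32, n)
	for i := range out {
		out[i] = r.Uint32()
	}
	return out
}

// secureUint32 draws 32 bits from the OS CSPRNG. The error is returned,
// never ignored, so a failed read cannot yield a silent zero value.
func secureUint32() (uint32, error) {
	var b [4]byte
	if _, err := crand.Read(b[:]); err != nil {
		return 0, err
	}
	return binary.BigEndian.Uint32(b[:]), nil
}

// secureUint32n returns a uniform value in [0, n) without modulo bias.
// n must be greater than 0 (hypothetical helper, not a gosrt function).
func secureUint32n(n uint32) (uint32, error) {
	v, err := crand.Int(crand.Reader, big.NewInt(int64(n)))
	if err != nil {
		return 0, err
	}
	return uint32(v.Uint64()), nil
}

func main() {
	a, b := mathRandValues(1, 3), mathRandValues(1, 3)
	fmt.Println("math/rand, same seed twice:", a, b)
	id, err := secureUint32()
	fmt.Println("crypto/rand 32-bit value:", id, err)
	seq, err := secureUint32n(1 << 31)
	fmt.Println("crypto/rand 31-bit value:", seq, err)
}
```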

codecov-commenter commented 11 months ago

Codecov Report

Patch coverage: 43.83% and project coverage change: -0.49% :warning:

Comparison is base (6f06385) 62.98% compared to head (c67435b) 62.49%. Report is 8 commits behind head on main.


Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main      #23      +/-   ##
==========================================
- Coverage   62.98%   62.49%   -0.49%
==========================================
  Files          14       14
  Lines        4530     4583      +53
==========================================
+ Hits         2853     2864      +11
- Misses       1402     1433      +31
- Partials      275      286      +11
```

| Flag | Coverage Δ | |
|---|---|---|
| unit-linux | `62.49% <43.83%> (-0.49%)` | :arrow_down: |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=datarhei#carryforward-flags-in-the-pull-request-comment) to find out more.

| [Files Changed](https://app.codecov.io/gh/datarhei/gosrt/pull/23?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=datarhei) | Coverage Δ | |
|---|---|---|
| [listen.go](https://app.codecov.io/gh/datarhei/gosrt/pull/23?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=datarhei#diff-bGlzdGVuLmdv) | `60.90% <20.00%> (-0.62%)` | :arrow_down: |
| [dial.go](https://app.codecov.io/gh/datarhei/gosrt/pull/23?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=datarhei#diff-ZGlhbC5nbw==) | `56.94% <36.84%> (-1.11%)` | :arrow_down: |
| [internal/net/syncookie.go](https://app.codecov.io/gh/datarhei/gosrt/pull/23?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=datarhei#diff-aW50ZXJuYWwvbmV0L3N5bmNvb2tpZS5nbw==) | `59.74% <48.97%> (-28.36%)` | :arrow_down: |
