Implements a check for CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)
The check works by reusing the taint-tracking code from the check for CWE-467 to track return values of "source" functions (e.g.: time) to arguments of "sink" functions (e.g: srand).
Implements a check for CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)
The check works by reusing the taint-tracking code from the check for CWE-467 to track return values of "source" functions (e.g.:
time) to arguments of "sink" functions (e.g:srand).