HPCC-27310 Fix Coverity scan issue in lnuid

Borrow random_string logic from httplib to populate buffer if /dev/urandom cannot be opened or read. Signed-off-by: Tim Klemm <tim.klemm@lexisnexisrisk.com>
hpcc-systems · Oct 21, 2024 · 3f1402e · 3f1402e
1 parent ea1047a
commit 3f1402e
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/system/globalid/lnuid.cpp b/system/globalid/lnuid.cpp
@@ -94,8 +94,16 @@ namespace ln_uid {
         fp = fopen("/dev/urandom", "r");
         if (!fp || fread(&randomdata, 1, random_byte_count, fp) != random_byte_count)
         {
-            // Should never happen, but if it does log it and ignore
+            // Should never happen, but if it does log it and fallback
             OERRLOG("Could not read data from /dev/urandom");
+            auto randchar = []() -> char {
+                const char charset[] = "0123456789"
+                                    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+                                    "abcdefghijklmnopqrstuvwxyz";
+                const size_t max_index = (sizeof(charset) - 1);
+                return charset[static_cast<size_t>(rand()) % max_index];
+            };
+            std::generate_n(randomdata, random_byte_count, randchar);
         }
         if (fp)
             fclose(fp);