From 3f1402ead9e1fbe07d666786170118c8e474d569 Mon Sep 17 00:00:00 2001
From: Tim Klemm <tim.klemm@lexisnexisrisk.com>
Date: Wed, 8 Nov 2023 07:25:23 -0500
Subject: [PATCH] HPCC-27310 Fix Coverity scan issue in lnuid

Borrow random_string logic from httplib to populate buffer if
/dev/urandom cannot be opened or read.

Signed-off-by: Tim Klemm <tim.klemm@lexisnexisrisk.com>
---
 system/globalid/lnuid.cpp | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/system/globalid/lnuid.cpp b/system/globalid/lnuid.cpp
index 105bd4efac5..a72a89542f1 100644
--- a/system/globalid/lnuid.cpp
+++ b/system/globalid/lnuid.cpp
@@ -94,8 +94,16 @@ namespace ln_uid {
         fp = fopen("/dev/urandom", "r");
         if (!fp || fread(&randomdata, 1, random_byte_count, fp) != random_byte_count)
         {
-            // Should never happen, but if it does log it and ignore
+            // Should never happen, but if it does log it and fallback
             OERRLOG("Could not read data from /dev/urandom");
+            auto randchar = []() -> char {
+                const char charset[] = "0123456789"
+                                    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+                                    "abcdefghijklmnopqrstuvwxyz";
+                const size_t max_index = (sizeof(charset) - 1);
+                return charset[static_cast<size_t>(rand()) % max_index];
+            };
+            std::generate_n(randomdata, random_byte_count, randchar);
         }
         if (fp)
             fclose(fp);