
This module implements a check for CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG).

The use of predictable seeds significantly reduces the number of possible seeds that an attacker would need to test in order to predict which random numbers will be generated by the PRNG.

See https://cwe.mitre.org/data/definitions/337.html for a detailed description.

How the check works

Using dataflow analysis, we search for an execution path on which the result of a time source, such as time, is used as an argument to a PRNG seeding function, such as srand.
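
The source-to-sink pattern described above, next to a version that needs no seed, as an added C example (not code from this module or its project). The function names, the constructed timestamp and the use of /dev/urandom as the replacement are assumptions of the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

/* Hypothetical helper: fill a buffer from the libc PRNG. */
static void fill_rand(unsigned char *out, size_t n) {
    for (size_t i = 0; i < n; i++)
        out[i] = (unsigned char)(rand() & 0xff);
}

/* Flagged pattern: the return value of time() reaches srand(). */
void weak_token(unsigned char *out, size_t n) {
    srand((unsigned int)time(NULL)); /* source: time, sink: srand */
    fill_rand(out, n);
}

/* Same seeding with the clock value passed in, so the effect is
 * reproducible: one timestamp always yields one token. */
void weak_token_at(time_t now, unsigned char *out, size_t n) {
    srand((unsigned int)now);
    fill_rand(out, n);
}

/* Hardened form (assumption: a Unix-like OS with /dev/urandom):
 * no seed at all, bytes come from the kernel CSPRNG. */
int strong_token(unsigned char *out, size_t n) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(out, 1, n, f);
    fclose(f);
    return got == n ? 0 : -1; /* fail closed on a short read */
}

int main(void) {
    unsigned char a[16], b[16], c[16];
    weak_token_at((time_t)1700000000, a, sizeof a); /* constructed timestamp */
    weak_token_at((time_t)1700000000, b, sizeof b);
    printf("same second, same token: %s\n",
           memcmp(a, b, sizeof a) == 0 ? "yes" : "no");
    if (strong_token(c, sizeof c) != 0)
        return 1;
    printf("urandom token differs: %s\n",
           memcmp(a, c, sizeof a) != 0 ? "yes" : "no");
    return 0;
}
```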

Symbols configurable in config.json

Both the sources of predictable seeds and the seeding functions can be configured, using the sources and seeding_functions entries respectively.

Structs

  • The configuration struct.
  • The Context struct for the taint analysis.

Statics

Functions