recent coverity and rand

Kohei Yoshida kohei.yoshida at
Mon Oct 6 16:07:25 PDT 2014

On Thu, 2014-10-02 at 16:44 +0100, Caolán McNamara wrote:
> The latest coverity has taken a dislike to "rand" and we've a big block
> of cids, cid#1242372 to cid#1242410 now marked with
> static_checker_DC.WEAK_CRYPTO "Don't call".
> We have our own random pool stuff in sal, is there a drop in replacement
> for rand in there somewhere or a common pattern we could follow in
> replacing those ?

FYI, this change

 double random(double min, double max)
-    return floor(((double)rand() / ((unsigned int)RAND_MAX + 1)) * (max - min + 1) + min);
+    return comphelper::rng::uniform_real_distribution(min, max);

in sc/source/core/opencl/opencl_device.cxx has made the opencl cppunit
test run extremely slow, if not hanging.  I think I waited about 5
minutes before deciding to Ctrl-C.  Switching it back to the rand()
based solution makes the test run normally.


More information about the LibreOffice mailing list