In all of these code blocks are a well-known piece of information
(same time on your machine as everywhere else) is being used to seed a
deterministic number generator.
At some later point, deterministic numbers are taken out using rand(),
random(), drand48(), lrand48(), mrand48(), or srand48(), or some
derivative function inside the program itself, and used for WHO KNOWS
WHAT PURPOSE.
I did not audit what the numbers are being used for.
Quite likely some numbers are just used to help hashing. Some could
be used to print pretty pictures. But in xulrunner? In the zip password
creator? In postgresql, or say in openldap (a network related thing)?
It is doubtful they are all fine.
For the benefit of other projects who haven't taken the same steps as
OpenBSD, it would be nice if some people helped out these pieces of
software.
EMBOSS-6.0.1 srand((unsigned) time(&tm));
ORBit2-2.14.19 srand (t.tv_sec ^ t.tv_usec ^ getpid () ^ getuid ());
apr-util-1.5.3 srand((unsigned int)(((time_now >> 32) ^ time_now) &
0xffffffff));
apr-util-1.5.3 srand((unsigned int)apr_time_now());
aqualung-0.9beta11 srand(time(0));
aqualung-0.9beta11 srand(time(NULL));
audacious-3.5.2 srand (time (NULL));
audacious-plugins-3.5.2 srand(time(NULL));
audacity-1.3.9 srand(time(0));
audacity-1.3.9 srand(time(NULL));
audacity-1.3.9 srand( (unsigned int) time(NULL) );
birda-1.1 srandom(t.tv_sec^t.tv_usec);
boost-1.53.0 std::srand( runtime_config::random_seed() );
boost-1.53.0 srand(time(0));
boost-1.53.0 generator() { srand(time(0)); }
boost-1.53.0 generator() { srand(time(0)); }
boost-1.53.0 std::srand(time(0) + world.rank());
boost-1.53.0 std::srand(time(0) + world.rank());
boost-1.53.0 srand(time(0) + world.rank());
boost-1.53.0 srand(time(0) + world.rank());
boost-1.53.0 std::srand(time(0) + world.rank());
boost-1.53.0 std::srand(time(0) + world.rank());
boost-1.53.0 srand( time(NULL) );
boost-1.53.0 srand( time( NULL ) );
boost-1.53.0 srand ( time(NULL) );
boost-1.53.0 std::srand(static_cast<unsigned>(std::time(0)));
boost-1.53.0 std::srand(static_cast<unsigned>(std::time(0)));
boost-1.53.0 srand(time(0));
boost-1.53.0 srand(time(0));
boost-1.53.0 std::srand((unsigned int)std::time(NULL));
boost-1.53.0 srand(time(0));
bullet-2.81// srand(time(NULL) / 30);
bullet-2.81 srand((unsigned)time(NULL)); // Seed it...
bullet-2.81 srand ( time ( 0x0 ) );
c3270-3.3.11.6 srand(time(NULL));
c3270-3.3.11.6 srandom(time(NULL));
c3270-3.3.11.6 srand(time(NULL));
c3270-3.3.11.6 srandom(time(NULL));
c3270-3.3.11.6 srand(time(NULL));
c3270-3.3.11.6 srandom(time(NULL));
c3270-3.3.11.6 srand(time(NULL));
c3270-3.3.11.6 srandom(time(NULL));
c3270-3.3.11.6 srand(time(NULL));
c3270-3.3.11.6 srandom(time(NULL));
c3270-3.3.11.6 srand(time(NULL));
c3270-3.3.11.6 srandom(time(NULL));
caps-plugins-0.4.4 srandom (tv.tv_sec ^ tv.tv_usec);
celestia-1.6.1 std::srand(std::time(NULL));
celestia-1.6.1 std::srand(time(NULL));
celestia-1.6.1 srandom(time(NULL));
celt-0.11.1 srand(time(NULL));
celt07-0.7.1 srand(time(NULL));
cgdb-0.6.8 srand(time(NULL));
clementine-1.2.3 srandom((int)[[NSDate date] timeIntervalSince1970]);
clementine-1.2.3 srandom(time(NULL));
clementine-1.2.3 srand ( time ( NULL ) );
clementine-1.2.3 qsrand((time.tv_sec * 1000) + (time.tv_usec / 1000));
cmake-3.0.2 srand((unsigned)time(0));
cmake-3.0.2 srand((unsigned int)time(NULL)+randomizer++); /* seed */
codeblocks-13.12 srand( time(NULL) );
codeblocks-13.12 inline void ini_random() { srand(time(0)); };
codeblocks-13.12 srand((unsigned)time(0));
codeblocks-13.12 srand(time(nullptr));
codeworker-4.5.4 if (iSeed >= 0) srand((unsigned) iSeed);
codeworker-4.5.4 else srand((unsigned) time(NULL));
db-3.1.17 srand((u_int)time(NULL));
db-3.1.17 srand(getpid() | time(NULL));
db-3.1.17 srand((unsigned int)time(NULL));
db-4.6.21 srand((u_int)time(NULL));
db-4.6.21 srand(getpid() | time(NULL));
db-4.6.21 srand((unsigned int)time(NULL));
db-4.6.21 srand((u_int)time(NULL) % (u_int)getpid());
db-4.6.21 srand((u_int)(time(NULL) | getpid()));
db-4.6.21 srand((u_int)(time(NULL) | getpid()));
deadbeef-0.6.2 srand (time (NULL));
deadbeef-0.6.2// srand ((uint) ::time(NULL));
deadbeef-0.6.2 srand(time(NULL));
deadbeef-0.6.2 fixed random playback bug caused by libsidplay2 calling
srand(time(NULL))
festival-1.95beta# define seed_random() srand((unsigned)time(NULL))
festival-1.95beta# define seed_random() srandom(time(NULL));
festival-1.95beta srand(time(NULL));
flac-1.3.0 srand((unsigned)time(0));
flac-1.3.0 srand((unsigned)time(0));
flac-1.3.0 srand((unsigned)time(0));
fldigi-3.21.83// srand(time(NULL));
fritzing-0.9.0 srand ( time(NULL) );
fritzing-0.9.0 srand((unsigned)(time(NULL) ^ ZCR_SEED2));
giblib-1.2.4 srand(getpid() * time(NULL) % ((unsigned int) -1));
glyr-1.0.2 srand (time (NULL) );
glyr-1.0.2 srand (time (NULL) );
gperf-3.0.4 srand (static_cast<long>(time (0)));
gqmpeg-0.91.1 srand(time(NULL));
gsl-1.16.0.3-ruby21 srand(time(NULL));
gtkpod-1.0.0 srand(time(NULL));
hydrogen-0.9.4 srand( time( NULL ) );
hylafax-6.0.6 srand(time(NULL));
iozone-3.429 srand(time(0));
jack-0.121.3 srandom (time ((time_t *) 0));
jpilot-1.8.2 srandom(time(NULL));
jpilot-1.8.2 srandom(time(NULL));
jpilot-1.8.2 srand(time(NULL) * getpid());
kdevplatform-1.6.0 srand(time(NULL));
kdevplatform-1.6.0 srand(time(NULL));
kdevplatform-1.6.0 //srand(time(NULL));
kdevplatform-1.6.0 srand(time(NULL));
kdevplatform-1.6.0 std::srand( std::time ( 0 ) );
kicad-20100505 srand((unsigned)(time(NULL) ^ ZCR_SEED2));
ksmp3play-0.5.1 srand ((unsigned int) time (NULL));
kyotocabinet-1.2.76 srand(time(NULL));
lame-3.99.5 srand ( time (NULL) );
libivykis-0.36.2 srand(time(NULL) ^ getpid());
libmemcached-0.48 srandom((uint32_t) time(NULL));
libmemcached-0.48 srandom((uint32_t) time(NULL));
libmemcached-0.48 srandom((unsigned int)time(NULL));
libmemcached-0.48 srandom((unsigned int)time(NULL));
libmodplug-0.8.8.5 srandom((uint32_t)time(0)); //
initialize random generator with seed
libmp3splt-0.5.4 srand(time(NULL));
libmtp-1.1.6 srand(time(NULL));
liboil-0.3.17 srand(time(NULL));
liboil-0.3.17 srand(time(NULL));
liboil-0.3.17 srand(time(NULL));
libreoffice-4.3.4.1 srand((unsigned int)time(NULL));
libreoffice-4.3.4.1 srand( (unsigned) time( NULL ) ); // Random Seed
Init fuer Interpreter
libreoffice-4.3.4.1 srand( unsigned( time( NULL ) ));
libreoffice-4.3.4.1 srand( (unsigned)(t = time( NULL )) );
libreoffice-4.3.4.1 srand( unsigned( time( NULL ) ));
libreoffice-4.3.4.1 srand( (unsigned)time( NULL ) );
libyubikey-1.12 srand (time (NULL));
lmms-0.4.8 srand( time( NULL ) );
lmms-0.4.8 srand(time(NULL));
lmms-0.4.8// srand(time(0));
lmms-0.4.8 srand (tv.tv_sec ^ tv.tv_usec);
lmms-0.4.8 srand( getpid() + time( 0 ) );
lmms-0.4.8 srand( getpid() + time( 0 ) );
madplay-0.15.2b srand(time(0));
mariadb-10.0.14 srand((uint) time(NULL));
mariadb-10.0.14 srand(time(0));
mariadb-10.0.14 srand(time(0));
mariadb-10.0.14 srand(time(0));
mariadb-10.0.14 srand(time(0));
mariadb-10.0.14 srand(num*time(NULL));
mariadb-10.0.14 srand(time(NULL)/(i+1));
mariadb-10.0.14 srand((i+1)*time(NULL));
mariadb-10.0.14 srand(num*time(NULL));
mariadb-10.0.14 srand(num*time(NULL));
mariadb-10.0.14 srand(num*time(NULL));
mariadb-10.0.14 srand (time(NULL));
mariadb-10.0.14 srandom(time(NULL));
mariadb-10.0.14 srandom(tv.tv_sec * 1000000 + tv.tv_usec);
mariadb-10.0.14 // Once upon a time srandom(8) caused this test to fail.
mariadb-10.0.14 srandom(time(0));
mariadb-10.0.14 srandom((uint)time(NULL));
mgetty+sendfax-1.1.37 srand((unsigned)time(NULL));
mgetty+sendfax-1.1.37 srand(time(NULL) | getpid());
mgetty+sendfax-1.1.37 srand(time(NULL) | getpid());
mgetty+sendfax-1.1.37 srandom(time(NULL) | getpid());
mico-2.3.13 srand (time (0));
mikmod-3.2.6 srand(time(NULL));
mikmod-3.2.6 srandom(time(NULL));
mimepp-1.0 srand(time(0));
mongodb-2.6.4 srand( ++z ^ (unsigned) time(0));
mongodb-2.6.4 std::srand( runtime_config::random_seed() );
motif-2.3.4 srand((int) time(NULL));
mp3blaster-3.2.5 srand((unsigned int)time(&t));
mp3blaster-3.2.5 srandom(time(&t));
mpg123-1.21.0#include <time.h> /* For srand(). */
mpg321-0.3.2 srand(time(NULL));
mscore-1.3 srand(time(NULL) ^ 3141592654UL);
nap-1.5.3 srand(tv.tv_usec + 1000000*tv.tv_sec);
ncmpcpp-0.6.1 srand(time(nullptr));
netstrain-3.0 srand(time(NULL));
ode-0.12 srand( static_cast< unsigned int >( time( 0 ) ) );
openldap-2.4.40 srand(time(NULL));
openldap-2.4.40 srand(time(NULL));
openldap-2.4.40 srand(time(NULL));
openldap-2.4.40 srand(time(NULL));
openldap-2.4.40 srand(time(NULL));
openldap-2.4.40 srv_srand(time(0L));
openmpi-1.4.1 srandom( (int)time(NULL) );
openmpi-1.4.1 srand((unsigned int)time(NULL));
opennap-0.44 srand (global.current_time + getuid () + getpid ());
opus-tools-0.1.9 srand(((getpid()&65535)<<15)^start_time);
orc-0.4.19 srand(time(NULL));
p5-Data-UUID-1.217 srand((unsigned int)(((time_now >> 32) ^
time_now)&0xffffffff));
pcb-20110918 effect usage in our application. Added srand( time(NULL) ) to
main.c to set the seed.
pcb-20110918#include <time.h> /* Seed for srand() */
pcb-20110918 srand ( time(NULL) ); /* Set seed for rand() */
pgbouncer-1.5.4 srandom(time(NULL) ^ getpid());
pgpool-II-3.2.3 srandom((unsigned int) (getpid() ^ uptime.tv_usec));
physfs-2.0.3 srand((unsigned int) time(NULL));
pms-0.42 srand(time(NULL));
postgresql-9.3.5 srandom((unsigned int)
INSTR_TIME_GET_MICROSEC(start_time));
postgresql-9.3.5 srandom((unsigned int) time(NULL));
pulseaudio-5.0 srand((unsigned) time(NULL));
pulseaudio-5.0 srand((unsigned) time(NULL));
qdbm-1.8.78 if(cnt == 0) srand(time(NULL));
qdbm-1.8.78 if(cnt == 0) srand(time(NULL));
qdbm-1.8.78 if(cnt == 0) srand(time(NULL));
qdbm-1.8.78 srand(time(NULL));
qdbm-1.8.78 if(cnt == 0) srand(time(NULL));
qdbm-1.8.78 srand(time(NULL));
qdbm-1.8.78 if(cnt == 0) srand(time(NULL));
qdbm-1.8.78 if(cnt == 0) std::srand(std::time(NULL));
qgit-1.5.7 srand (time(NULL));
quazip-0.7 srand((unsigned)(time(NULL) ^ ZCR_SEED2));
qucs-0.0.16 ::srand (::time (NULL));
redis-2.8.17 srandom(time(NULL));
redis-2.8.17 srand(time(NULL));
redis-2.8.17 srand(time(NULL)^getpid());
rplay-3.3.2main(v,c)char**c;{srandom((int)time(!++c)*getpid());v-->1?printf("%s\n",c[random()%v]):(int)v;}
rplay-3.3.2 srandom(time(NULL));
schismtracker-20100101 srand(time(NULL));
scmxx-0.8.0 srand(time(NULL));
siege-2.70 srand( (unsigned)time( NULL ) * seed );
silc-toolkit-1.1.12 srand((time(NULL) + buf_len) ^ rand());
smstools3-3.1.15 srand((int)(time(NULL) * getpid()));
snack2.2.10 srand(time(NULL));
soprano-2.9.4 srand( time(0) );
soundtracker-0.6.8 srand (time(NULL));
sparsehash-2.0.2 srand(r); // keep compiler from optimizing away r (we never
call rand())
sparsehash-2.0.2 srand(9);
sparsehash-2.0.2 srand(r); // keep compiler from optimizing away r (we never
call rand())
sparsehash-2.0.2 srand(r); // keep compiler from optimizing away r (we never
call rand())
speex-1.2rc1 srand(time(NULL));
strigi-0.7.7pl1 srand((unsigned int)time(NULL));
sunclock-3.56-no_maps srandom(Context->time);
sysbench-0.4.8 srandom(time(NULL));
tap-plugins-0.7.1 srand(time(0));
teknap-1.3g srand((unsigned)time(NULL));
teknap-1.3g $srand($time()) a very large seed
timidity-2.13.2 srand(time(NULL));
timidity-2.13.2 srand(time(NULL));
timidity-2.13.2 srand(time(NULL));
timidity-2.13.2 srand(time(NULL));
tla-1.2 srandom (time (0));
tla-1.2 srandom (time (0));
tracker-5.3 srand(time(0));
tracker-5.3 srand(time(0));
tremor-tools-1.0 srand(time(NULL));
tremor-tools-1.0 srandom(time(NULL));
tremor-tools-1.0 srand(time(NULL));
virtuoso-6.1.6 srand((double) microtime() * 1000000);
virtuoso-6.1.6 srand ((unsigned int) time(NULL));
virtuoso-6.1.6 srand ((unsigned) time (NULL));
virtuoso-6.1.6 srand ((unsigned int) (((time_now >> 32) ^ time_now) &
0xffffffff));
virtuoso-6.1.6 srand((unsigned)(time(NULL) ^ ZCR_SEED2));
vorbis-tools-1.4.0 srandom(time(NULL));
vorbis-tools-1.4.0 srand(time(NULL) ^ getpid());
vorbis-tools-1.4.0 srand(time(NULL) ^ getpid());
wmglobe-1.3 srandom(((int) time(NULL)) + ((int) getpid()));
wmmp3-0.12 srand(time(NULL));
x3270-3.3.6 srandom(time(NULL));
xearth-1.1 srandom(((int) time(NULL)) + ((int) getpid()));
xhippo-3.5 srand(time(0));
xmcd-2.6 srand((unsigned) time(NULL));
xmcd-2.6 srand((unsigned) time(NULL));
xmms-1.2.11 srandom(time(NULL));
xmms2-0.8 srand (time (NULL));
xulrunner-24.8.0 srand(time(nullptr));
xulrunner-24.8.0 srand(time(NULL));
xulrunner-24.8.0 srand(time(NULL));
xulrunner-24.8.0 srand(time(NULL));
xulrunner-24.8.0 srand(time(NULL));
xulrunner-24.8.0 srand((unsigned int)time(NULL));
xulrunner-24.8.0/mozilla-esr24/security/nss/lib/freebl/mpi/utils/bbsrand.c-
seed = time(NULL);
xulrunner-24.8.0 srand((unsigned int)time(NULL));
xulrunner-24.8.0 srand(seed);
xulrunner-24.8.0 srand(time(NULL) * (unsigned int)pid);
xulrunner-24.8.0 srand(time(NULL));
xulrunner-24.8.0 srand((unsigned int)time(NULL));
xulrunner-24.8.0 srand(static_cast<uint32_t>(time(NULL)));
xulrunner-24.8.0 srand(time(0));
xulrunner-24.8.0 srand( (unsigned)time( NULL ) ); /* seed random number
generator */
xulrunner-24.8.0 srand(time(0));
xulrunner-24.8.0 srandom((int)[[NSDate date] timeIntervalSince1970]);
xulrunner-24.8.0 srand(time(NULL));
xulrunner-24.8.0 srand(time(0));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
xulrunner-24.8.0 srandom(time(NULL));
\
xulrunner-24.8.0 srandom(time(NULL));
\
xulrunner-24.8.0 srandom(time(NULL));
\
xulrunner-24.8.0 srandom(time(NULL));
\
xulrunner-24.8.0 srandom(time(NULL));
\
xulrunner-24.8.0 srand((unsigned int) time(NULL));
xulrunner-24.8.0 srand((unsigned int) time(NULL));
xulrunner-24.8.0 srand((unsigned int)time(NULL) );
xulrunner-24.8.0 srand((unsigned int)time(NULL));
xulrunner-24.8.0 srand((unsigned int)time(NULL));
xulrunner-24.8.0 srand(time(NULL) );
xulrunner-24.8.0 srand(time(NULL));
xulrunner-24.8.0 srand(time(NULL));
xulrunner-24.8.0 srand(timeGetTime());
xulrunner-24.8.0 cpr_srand((unsigned int)time(NULL));
xulrunner-24.8.0 cpr_srand((unsigned int)time(NULL));
xulrunner-24.8.0 cpr_srand((unsigned int)time(NULL));
zip-3.0 standard UNIX C runtime library functions: time(), rand(),
srand().
zip-3.0 srand((unsigned)time(NULL) ^ ZCR_SEED2);
