From 3f1402ead9e1fbe07d666786170118c8e474d569 Mon Sep 17 00:00:00 2001
From: Tim Klemm <tim.klemm@lexisnexisrisk.com>
Date: Wed, 8 Nov 2023 07:25:23 -0500
Subject: [PATCH 1/2] HPCC-27310 Fix Coverity scan issue in lnuid

Borrow random_string logic from httplib to populate buffer if
/dev/urandom cannot be opened or read.

Signed-off-by: Tim Klemm <tim.klemm@lexisnexisrisk.com>
---
 system/globalid/lnuid.cpp | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/system/globalid/lnuid.cpp b/system/globalid/lnuid.cpp
index 105bd4efac5..a72a89542f1 100644
--- a/system/globalid/lnuid.cpp
+++ b/system/globalid/lnuid.cpp
@@ -94,8 +94,16 @@ namespace ln_uid {
         fp = fopen("/dev/urandom", "r");
         if (!fp || fread(&randomdata, 1, random_byte_count, fp) != random_byte_count)
         {
-            // Should never happen, but if it does log it and ignore
+            // Should never happen, but if it does log it and fallback
             OERRLOG("Could not read data from /dev/urandom");
+            auto randchar = []() -> char {
+                const char charset[] = "0123456789"
+                                    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+                                    "abcdefghijklmnopqrstuvwxyz";
+                const size_t max_index = (sizeof(charset) - 1);
+                return charset[static_cast<size_t>(rand()) % max_index];
+            };
+            std::generate_n(randomdata, random_byte_count, randchar);
         }
         if (fp)
             fclose(fp);

From 60ad141fc829b794c94b3cd626e41937da71897f Mon Sep 17 00:00:00 2001
From: Tim Klemm <Tim.Klemm@lexisnexisrisk.com>
Date: Tue, 22 Oct 2024 13:49:48 -0400
Subject: [PATCH 2/2] Update based on review comments.

---
 system/globalid/lnuid.cpp | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/system/globalid/lnuid.cpp b/system/globalid/lnuid.cpp
index a72a89542f1..c11d8be9732 100644
--- a/system/globalid/lnuid.cpp
+++ b/system/globalid/lnuid.cpp
@@ -96,14 +96,7 @@ namespace ln_uid {
         {
             // Should never happen, but if it does log it and fallback
             OERRLOG("Could not read data from /dev/urandom");
-            auto randchar = []() -> char {
-                const char charset[] = "0123456789"
-                                    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-                                    "abcdefghijklmnopqrstuvwxyz";
-                const size_t max_index = (sizeof(charset) - 1);
-                return charset[static_cast<size_t>(rand()) % max_index];
-            };
-            std::generate_n(randomdata, random_byte_count, randchar);
+            std::generate_n(randomdata, random_byte_count, [](){ return char(rand()); });
         }
         if (fp)
             fclose(fp);