CWE-336

Same Seed in Pseudo-Random Number Generator (PRNG). [Protection-Mechanism-Failure]

Required inputs: IR

A Pseudo-Random Number Generator (PRNG) uses the same seed each time the product is initialized. Given the deterministic nature of PRNGs, using the same seed for each initialization will lead to the same output in the same order. If an attacker can guess (or knows) the seed, then the attacker may be able to determine the random numbers that will be produced from the PRNG.
Demonstrative Examples
Example 1

The following code uses a statistical PRNG to generate account IDs.

Example Language: Java (Unsupported language for documentation only)
    private static final long SEED = 1234567890;
    public int generateAccountID() {
        Random random = new Random(SEED);
        return random.nextInt();
    }

Because the program uses the same seed value for every invocation of the PRNG, its values are predictable, making the system vulnerable to attack.

Example 2

This code attempts to generate a unique random identifier for a user's session.

Example Language: PHP (Unsupported language for documentation only)
    function generateSessionID($userID){
        srand($userID);
        return rand();
    }

Because the seed for the PRNG is always the user's ID, the session ID for a given user will always be the same. An attacker could thus predict any user's session ID and potentially hijack the session.

If the user IDs are generated sequentially, or otherwise restricted to a narrow range of values, then this example also exhibits a Small Seed Space (CWE-339).

Excerpts from CWE [https://cwe.mitre.org], Copyright (C) 2006-2026, the MITRE Corporation. See section 9.4. "3rd-Party Licenses" in the documentation for full details.

Possible Messages

| Key | Text | Severity | Disabled |
|-----|------|----------|----------|
| same_seed | A Pseudo-Random Number Generator (PRNG) uses the same seed each time the product is initialized. | None | False |

Options

prngs

prngs : set[bauhaus.analysis.config.QualifiedName] = {'srand', 'std::srand'}

Qualified names of calls to random number generators.
 

routines_returning_constant_value

routines_returning_constant_value : set[bauhaus.analysis.config.QualifiedName] = {'geteuid', 'getpwuid', 'getuid'}

Routines that should be considered as returning a constant seed (even though they might not in fact return the same value for each call).
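
The default option values above name `srand` as the PRNG call and `getuid` as a routine treated as returning a constant seed. The following C program is an added example, not code from CWE or from the analysis tool: it shows both seeding patterns next to a replacement that takes no program-chosen seed. The function names and the use of `/dev/urandom` are assumptions made for the illustration.

```c
/* Added example: constructed for illustration, not part of the original page. */
#define _POSIX_C_SOURCE 200809L
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Weak: literal seed, so every initialization yields the same first value. */
unsigned weak_token_constant_seed(void) {
    srand(1234567890u);
    return (unsigned)rand();
}

/* Weak: getuid() returns the same value on every run for a given user,
 * so the seed is effectively constant (and known to anyone who knows the UID). */
unsigned weak_token_uid_seed(void) {
    srand((unsigned)getuid());
    return (unsigned)rand();
}

/* Hardened: no seed under program control; the bytes come from the kernel
 * CSPRNG (assumes a system that provides /dev/urandom).
 * Returns 0 on success, -1 on failure; callers must not fall back to rand(). */
int strong_token(uint64_t *out) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t n = fread(out, sizeof *out, 1, f);
    fclose(f);
    return n == 1 ? 0 : -1;
}

int main(void) {
    uint64_t a = 0, b = 0;
    printf("constant seed: %u %u\n",
           weak_token_constant_seed(), weak_token_constant_seed());
    printf("uid seed:      %u %u\n",
           weak_token_uid_seed(), weak_token_uid_seed());
    if (strong_token(&a) != 0 || strong_token(&b) != 0) {
        fputs("cannot read /dev/urandom\n", stderr);
        return 1;
    }
    printf("kernel CSPRNG: %016llx %016llx\n",
           (unsigned long long)a, (unsigned long long)b);
    return 0;
}
```

The first two output lines repeat the same value within a run and across runs; the third line differs on every call.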