Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2025-10-13 11:39:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

security fix: Use of insufficient randomness as the key of a cryptographic algorithm

Browse source
This commit is contained in:
mhsanaei 2025-09-21 17:59:17 +02:00
parent e64e6327ef
commit ae79b43cdb
No known key found for this signature in database
GPG key ID: D875CD086CF668A0
1 changed files with 13 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
util/random/random.go
View file

@ -2,7 +2,8 @@
package random package random
import ( import (
"math/rand" "crypto/rand"
"math/big"
) )
var ( var (
@ -40,12 +41,21 @@ func init() {
func Seq(n int) string { func Seq(n int) string {
runes := make([]rune, n) runes := make([]rune, n)
for i := 0; i < n; i++ { for i := 0; i < n; i++ {
runes[i] = allSeq[rand.Intn(len(allSeq))] idx, err := rand.Int(rand.Reader, big.NewInt(int64(len(allSeq))))
if err != nil {
panic("crypto/rand failed: " + err.Error())
}
runes[i] = allSeq[idx.Int64()]
} }
return string(runes) return string(runes)
} }
// Num generates a random integer between 0 and n-1. // Num generates a random integer between 0 and n-1.
func Num(n int) int { func Num(n int) int {
return rand.Intn(n) bn := big.NewInt(int64(n))
r, err := rand.Int(rand.Reader, bn)
if err != nil {
panic("crypto/rand failed: " + err.Error())
}
return int(r.Int64())
} }