Fix code scanning alert no. 2: Insecure randomness

gnongsie · github-advanced-security[bot] · web-flow · commit 9829236a6582 · 2024-10-30T12:41:46.000+05:30
Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;
diff --git a/test/utils.js b/test/utils.js
@@ -1,15 +1,19 @@
 'use strict';
 
+const crypto = require('crypto');
+
 function getRandomString(text){
-	return text + Math.floor((Math.random() * 100000) + 1);
+	const randomInt = crypto.randomBytes(4).readUInt32BE(0) % 100000 + 1;
+	return text + randomInt;
 }
 
 function getRandomInt(){
-	return Math.floor((Math.random() * 100000) + 1);
+	return crypto.randomBytes(4).readUInt32BE(0) % 100000 + 1;
 }
 
 function getRandomAmount(){
-	return ((Math.random() * 1000) + 1).toFixed(2);
+	const randomFloat = crypto.randomBytes(4).readUInt32BE(0) / 0xFFFFFFFF;
+	return ((randomFloat * 1000) + 1).toFixed(2);
 }
 
 function getDate(){

Original file line number	Diff line number	Diff line change
`@@ -1,15 +1,19 @@`
`1`	`1`	`'use strict';`
`2`	`2`
	`3`	`+const crypto = require('crypto');`
	`4`	`+`
`3`	`5`	`function getRandomString(text){`
`4`		`- return text + Math.floor((Math.random() * 100000) + 1);`
	`6`	`+ const randomInt = crypto.randomBytes(4).readUInt32BE(0) % 100000 + 1;`
	`7`	`+ return text + randomInt;`
`5`	`8`	`}`
`6`	`9`
`7`	`10`	`function getRandomInt(){`
`8`		`- return Math.floor((Math.random() * 100000) + 1);`
	`11`	`+ return crypto.randomBytes(4).readUInt32BE(0) % 100000 + 1;`
`9`	`12`	`}`
`10`	`13`
`11`	`14`	`function getRandomAmount(){`
`12`		`- return ((Math.random() * 1000) + 1).toFixed(2);`
	`15`	`+ const randomFloat = crypto.randomBytes(4).readUInt32BE(0) / 0xFFFFFFFF;`
	`16`	`+ return ((randomFloat * 1000) + 1).toFixed(2);`
`13`	`17`	`}`
`14`	`18`
`15`	`19`	`function getDate(){`