Details

    • Type: Bug Detection
    • Status: Active
    • Resolution: Unresolved
    • Labels:
    • Message:
      Save and re-use this "Random".
    • Default Severity:
      Critical
    • Impact:
      High
    • Likelihood:
      Low
    • Default Quality Profiles:
      Sonar way
    • Covered Languages:
      Java
    • Remediation Function:
      Constant/Issue
    • Constant Cost:
      5min
    • Analysis Scope:
      Main Sources, Test Sources
    • Common Rule:
      Yes
    • OWASP:
      A6
    • FindBugs:
      DMI_RANDOM_USED_ONLY_ONCE

      Description

      Creating a new Random object each time a random value is needed is inefficient and, depending on the JDK, may produce numbers that are not random. For better efficiency and randomness, create a single Random, store it, and reuse it.

      The Random() constructor tries to set the seed to a distinct value every time. However, there is no guarantee that the seed will be random or even uniformly distributed. Some JDKs use the current time as the seed, which makes the generated numbers not random at all.

      This rule finds cases where a new Random is created each time a method is invoked and assigned to a local random variable.
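
      The effect of a time-based seed, as an added example that is not part of the original rule text: a Random created on every call is compared with one shared SecureRandom. The class and method names are hypothetical, and the explicit System.currentTimeMillis() seed is an assumption that stands in for a JDK whose Random() constructor seeds from the clock.

```java
import java.security.SecureRandom;
import java.util.HashSet;
import java.util.Random;
import java.util.Set;

public class RandomReuseDemo {
    // Shared generator, created once and reused (the compliant pattern).
    private static final SecureRandom SHARED = new SecureRandom();

    // Noncompliant pattern on a JDK that seeds from the clock. The explicit
    // time seed is an assumption that stands in for such a JDK's new Random().
    static int valueFromFreshTimeSeeded() {
        Random rand = new Random(System.currentTimeMillis());
        return rand.nextInt();
    }

    // Compliant pattern: every call draws from the same long-lived instance.
    static int valueFromShared() {
        return SHARED.nextInt();
    }

    // Count how many distinct values n back-to-back calls produce.
    static int distinctValues(int n, boolean shared) {
        Set<Integer> seen = new HashSet<>();
        for (int i = 0; i < n; i++) {
            seen.add(shared ? valueFromShared() : valueFromFreshTimeSeeded());
        }
        return seen.size();
    }

    public static void main(String[] args) {
        int n = 10_000;
        // Calls that land in the same millisecond share a seed, so each of
        // them returns the same first value: far fewer than n distinct values.
        System.out.println("fresh, time-seeded:  "
                + distinctValues(n, false) + " distinct of " + n);
        // The reused SecureRandom repeats a value only on a rare 32-bit collision.
        System.out.println("shared SecureRandom: "
                + distinctValues(n, true) + " distinct of " + n);
    }
}
```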

      Noncompliant Code Example

      public void doSomethingCommon() {
        Random rand = new Random();  // Noncompliant; new instance created with each invocation
        int rValue = rand.nextInt();
        //...
      }


      Compliant Solution

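      // getInstanceStrong() throws the checked NoSuchAlgorithmException, so the
      // enclosing class's constructors must declare it.
      private Random rand = SecureRandom.getInstanceStrong();  // SecureRandom is preferred to Random

      public void doSomethingCommon() {
        int rValue = this.rand.nextInt();
        //...
      }
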

      See

      Exceptions

      A class which uses a Random in its constructor or in a static main function and nowhere else will be ignored by this rule.

              People

              • Assignee:
                Unassigned
                Reporter:
                ann.campbell.2 Ann Campbell