Details
-
Type: Bug
-
Status: Closed
-
Priority: Major
-
Resolution: Won't Fix
-
Affects Version/s: 1.7.1
-
Fix Version/s: None
-
Component/s: Framework
-
Labels:None
-
Environment:Java 1.5 + Tomcat 6.0
Windows / Linux
Description
the IdGenerator class uses new Random() and throws away that instance.
there is a RandomNumberGenerator but it is not used in the IdGernerator.
we have dynamic created content (images for buttons) which are mixed up spontaneously. It seems to be related to the generated id's.
findbugs explains this possible bug like this:
DMI_RANDOM_USED_ONLY_ONCE: Random object created and used only once
This code creates a java.util.Random object, uses it to generate one random number, and then discards the Random object. This produces mediocre quality random numbers and is inefficient. If possible, rewrite the code so that the Random object is created once and saved, and each time a new random number is required invoke a method on the existing Random object to obtain it.
If it is important that the generated Random numbers not be guessable, you must not create a new Random for each random number; the values are too easily guessable. You should strongly consider using a java.security.SecureRandom instead (and avoid allocating a new SecureRandom for each random number needed).
there is a RandomNumberGenerator but it is not used in the IdGernerator.
we have dynamic created content (images for buttons) which are mixed up spontaneously. It seems to be related to the generated id's.
findbugs explains this possible bug like this:
DMI_RANDOM_USED_ONLY_ONCE: Random object created and used only once
This code creates a java.util.Random object, uses it to generate one random number, and then discards the Random object. This produces mediocre quality random numbers and is inefficient. If possible, rewrite the code so that the Random object is created once and saved, and each time a new random number is required invoke a method on the existing Random object to obtain it.
If it is important that the generated Random numbers not be guessable, you must not create a new Random for each random number; the values are too easily guessable. You should strongly consider using a java.security.SecureRandom instead (and avoid allocating a new SecureRandom for each random number needed).
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion
Werner Mueller
created issue -
Mark Collette
made changes -
Field | Original Value | New Value |
---|---|---|
Status | Open [ 1 ] | Resolved [ 5 ] |
Resolution | Won't Fix [ 2 ] |
Ken Fyten
made changes -
Status | Resolved [ 5 ] | Closed [ 6 ] |