HPCC-18585 Replace uses of rand() with fastRand()

Coverity can warn of an unsafe usage of rand(), where we want
a fast random call and know it's in a safe context explicitly use
one.
With an initial implementation that simply wraps rand() with a
coverity comment to suppress the WEAK_CRYPTO Coverity warning.

Signed-off-by: Jake Smith <jake.smith@lexisnexisrisk.com>

common/remote/rmtspawn.cpp

@@ -217,7 +217,7 @@ ISocket * spawnRemoteChild(SpawnKind kind, const char * exe, const SocketEndpoin
                         LOG(MCdetailDebugInfo, unknownJob, "Failed to connect to correct slave (%d,%d/%d) - try again later",connected,replyTag,slaveTag);
 
                     //Wrong slave listening, need to leave time for the other, don't count as an attempt
-                    MilliSleep(rand() % 5000 + 5000);
+                    MilliSleep(fastRand() % 5000 + 5000);
                 }
                 catch (IException * e)
                 {
@@ -238,7 +238,7 @@ ISocket * spawnRemoteChild(SpawnKind kind, const char * exe, const SocketEndpoin
             LOG(MCdetailDebugInfo, unknownJob, e, s.appendf("Failed to connect to slave (%d) (try again): ", replyTag).str());
             e->Release();
             // No socket listening or contention - try again fairly soon
-            MilliSleep(rand()%400+100);
+            MilliSleep(fastRand()%400+100);
             attempts--;
         }
 
@@ -375,7 +375,7 @@ bool CRemoteParentInfo::sendReply(unsigned version)
             EXCLOG(e, "Failed to create master listener: ");
             e->Release();
         }
-        MilliSleep(rand() % 3000 + 2000);
+        MilliSleep(fastRand() % 3000 + 2000);
     }
 
     return false;

dali/datest/datest.cpp

@@ -1137,8 +1137,8 @@ public:
                 throw MakeStringException(-1, "Failed to connect to path %s", path.get());
             IPropertyTree *root = conn->queryRoot();
 
-            root->setPropInt("TTestProp1", rand());
-            root->setPropInt("TTestProp2", rand());
+            root->setPropInt("TTestProp1", fastRand());
+            root->setPropInt("TTestProp2", fastRand());
         }
         catch (IException *e)
         {
@@ -1316,7 +1316,7 @@ public:
     {
         for (;;)
         {
-            conn->queryRoot()->setPropInt("testprop", rand()*100);
+            conn->queryRoot()->setPropInt("testprop", fastRand()*100);
             conn->commit();
             if (id1)
             {
@@ -1816,7 +1816,7 @@ public:
         srand( (unsigned)time( NULL ) );
         try
         {
-            unsigned extra = rand()%2 ? RTM_LOCK_SUB : 0;
+            unsigned extra = fastRand()%2 ? RTM_LOCK_SUB : 0;
             Owned<IRemoteConnection> conn2 = querySDS().connect(path, myProcessSession(), RTM_CREATE_QUERY|RTM_LOCK_WRITE|extra, 1000);
         }
         catch (IException *e)
@@ -1886,7 +1886,7 @@ void TestSubLocks()
     unsigned i;
     for (i=0; i<num; i++)
     {
-        CSubTest * t = new CSubTest(paths.item(rand()%paths.ordinality()));
+        CSubTest * t = new CSubTest(paths.item(fastRand()%paths.ordinality()));
         threads.append(* t);
     }
     PrintLog("joining");

dali/ft/fttransform.cpp

@@ -560,7 +560,7 @@ void TransferServer::appendTransformed(unsigned chunkIndex, ITransformer * input
                 MilliSleep(delay*(getRandom()%100)/50);
         }
 #ifdef _WIN32
-        if (gpfFrequency && ((rand() % gpfFrequency) == 0))
+        if (gpfFrequency && ((fastRand() % gpfFrequency) == 0))
         {
             LOG(MCdebugInfo, unknownJob, "About to crash....");
             *(char *)0 = 0;
@@ -597,7 +597,7 @@ void TransferServer::deserializeAction(MemoryBuffer & msg, unsigned action)
     msg.read(isSafeMode);
 
     srand((unsigned)get_cycles_now());
-    int adjust = (rand() * rand() * rand()) % updateFrequency - (updateFrequency/2);
+    int adjust = fastRand() % updateFrequency - (updateFrequency/2);
     lastTick = msTick() + adjust;
 
     StringBuffer localFilename;

esp/tools/soapplus/http.cpp

@@ -892,7 +892,7 @@ public:
                         int delay = 0;
                         if(delaymin < delaymax)
                         {
-                            delay = delaymin + (rand() % (delaymax - delaymin));
+                            delay = delaymin + (fastRand() % (delaymax - delaymin));
                         }
                         else
                         {

plugins/couchbase/couchbaseembed.cpp

@@ -546,8 +546,7 @@ namespace couchbaseembed
                     // use a small loop to retry connections if necessary
                     unsigned int connectAttempt = 0;
                     unsigned int MAX_ATTEMPTS = 10;
-                    // coverity[DC.WEAK_CRYPTO]
-                    useconds_t SLEEP_TIME = 100 + (rand() % 200); // Add jitter to sleep time
+                    useconds_t SLEEP_TIME = 100 + (fastRand() % 200); // Add jitter to sleep time
 
                     while (true)
                     {

roxie/ccd/ccdqueue.cpp

@@ -909,7 +909,7 @@ public:
             {
                 if (lim > headRegionSize)
                     lim = headRegionSize;
-                return waiting.dequeue(rand() % lim);
+                return waiting.dequeue(fastRand() % lim);
             }
             return waiting.dequeue();
         }

roxie/ccd/ccdserver.cpp

@@ -28205,7 +28205,7 @@ protected:
         // Random
         for (i=0; i<2000; i++)
         {
-            unsigned r = rand() % 1500;
+            unsigned r = fastRand() % 1500;
             sprintf(input[i], "%04d", r);
             sprintf(output[i], "%04d", r);
         }

rtl/eclrtl/rtlbcdtest.cpp

@@ -178,10 +178,10 @@ protected:
         for (int i = 0; i < 1000; i++)
         {
             // 14-digit numbers, multiplications can't pass 28 digits (32 max)
-            unsigned __int64 val1 = ((__int64) rand() << 16) | rand();
-            unsigned __int64 val2 = ((__int64) rand() << 16) | rand();
-            unsigned __int64 val3 = ((__int64) rand() << 16) | rand();
-            unsigned __int64 val4 = ((__int64) rand() << 16) | rand();
+            unsigned __int64 val1 = ((__int64) fastRand() << 16) | fastRand();
+            unsigned __int64 val2 = ((__int64) fastRand() << 16) | fastRand();
+            unsigned __int64 val3 = ((__int64) fastRand() << 16) | fastRand();
+            unsigned __int64 val4 = ((__int64) fastRand() << 16) | fastRand();
 
             for (int i = 0; i < 2; i++)
             {

services/runagent/frunagent.cpp

@@ -193,7 +193,7 @@ void cmd_dispatch::action()
                 if (!success)
                 {
                     srand(GetCurrentThreadId()+clock());
-                    MilliSleep((rand() * 3000) / RAND_MAX);
+                    MilliSleep((fastRand() * 3000) / RAND_MAX);
                 }
             }
             else 

system/jlib/jmisc.cpp

@@ -1008,7 +1008,7 @@ char *mkdtemp(char *_template)
     char * tail = _template + strlen(_template) - 6;
     for (int i = 0; i < 100; i++)
     {
-        snprintf(tail, 7, "%06d", rand());
+        snprintf(tail, 7, "%06d", fastRand());
         if (!_mkdir(_template))
             return _template;
         if (errno != EEXIST)

system/jlib/jutil.hpp

@@ -142,6 +142,15 @@ jlib_decl int rand_r(unsigned int *seed);
 
 #endif
 
+inline int fastRand()
+{
+    // rand() causes Coverity can issue a 'WEAK_CRYPTO' warning, but we only use fastRand() where deemed safe to do so.
+
+    // coverity[DC.WEAK_CRYPTO]
+    return rand();
+}
+
+
 interface IShuffledIterator: extends IInterface
 {
     virtual void seed(unsigned seedval)=0;  // ony required for repeatability