Apache
/
commons-lang
mirror of https://github.com/apache/commons-lang.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[LANG-1750] Using RandomStringUtils.insecure() still leads to using the 

secure() random
This commit is contained in:
Gary Gregory 2024-08-13 19:45:15 -04:00
parent 07dd0ca548
commit f92016c288
3 changed files with 25 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/changes/changes.xml
View File

@ -47,6 +47,7 @@ The <action> type attribute can be add,update,fix,remove.
<body> <body>
<release version="3.17.0" date="YYYY-MM-DD" description="This is a feature and maintenance release. Java 8 or later is required."> <release version="3.17.0" date="YYYY-MM-DD" description="This is a feature and maintenance release. Java 8 or later is required.">
<!-- FIX --> <!-- FIX -->
<action issue="LANG-1760" type="fix" dev="ggregory" due-to="Marco Hoek, Gary Gregory">Using RandomStringUtils.insecure() still leads to using the secure() random.</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">Deprecate static RandomUtils.next*() methods in favor or .secure() and .insecure() versions.</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">Deprecate static RandomUtils.next*() methods in favor or .secure() and .insecure() versions.</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">Deprecate static RandomStringUtils.random*() methods in favor or .secure() and .insecure() versions.</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">Deprecate static RandomStringUtils.random*() methods in favor or .secure() and .insecure() versions.</action>
<!-- ADD --> <!-- ADD -->

32
src/main/java/org/apache/commons/lang3/RandomStringUtils.java
View File

@ -229,9 +229,7 @@ public class RandomStringUtils {
* @throws ArrayIndexOutOfBoundsException if there are not {@code (end - start) + 1} characters in the set array. * @throws ArrayIndexOutOfBoundsException if there are not {@code (end - start) + 1} characters in the set array.
* @throws IllegalArgumentException if {@code count} &lt; 0 or the provided chars array is empty. * @throws IllegalArgumentException if {@code count} &lt; 0 or the provided chars array is empty.
* @since 2.0 * @since 2.0
* @deprecated Use {@link #secure()} or {@link #insecure()}.
*/ */
@Deprecated
public static String random(int count, int start, int end, final boolean letters, final boolean numbers, public static String random(int count, int start, int end, final boolean letters, final boolean numbers,
final char[] chars, final Random random) { final char[] chars, final Random random) {
if (count == 0) { if (count == 0) {
@ -645,7 +643,7 @@ public class RandomStringUtils {
* @since 3.16.0 * @since 3.16.0
*/ */
public String next(final int count) { public String next(final int count) {
return random(count, false, false); return next(count, false, false);
} }
/** /**
@ -663,7 +661,7 @@ public class RandomStringUtils {
* @since 3.16.0 * @since 3.16.0
*/ */
public String next(final int count, final boolean letters, final boolean numbers) { public String next(final int count, final boolean letters, final boolean numbers) {
return random(count, 0, 0, letters, numbers); return next(count, 0, 0, letters, numbers);
} }
/** /**
@ -748,7 +746,7 @@ public class RandomStringUtils {
if (chars == null) { if (chars == null) {
return random(count, 0, 0, false, false, null, random()); return random(count, 0, 0, false, false, null, random());
} }
return random(count, chars.toCharArray()); return next(count, chars.toCharArray());
} }
/** /**
@ -763,7 +761,7 @@ public class RandomStringUtils {
* @throws IllegalArgumentException if {@code count} &lt; 0. * @throws IllegalArgumentException if {@code count} &lt; 0.
*/ */
public String nextAlphabetic(final int count) { public String nextAlphabetic(final int count) {
return random(count, true, false); return next(count, true, false);
} }
/** /**
@ -779,7 +777,7 @@ public class RandomStringUtils {
* @since 3.5 * @since 3.5
*/ */
public String nextAlphabetic(final int minLengthInclusive, final int maxLengthExclusive) { public String nextAlphabetic(final int minLengthInclusive, final int maxLengthExclusive) {
return randomAlphabetic(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive)); return nextAlphabetic(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive));
} }
/** /**
@ -794,7 +792,7 @@ public class RandomStringUtils {
* @throws IllegalArgumentException if {@code count} &lt; 0. * @throws IllegalArgumentException if {@code count} &lt; 0.
*/ */
public String nextAlphanumeric(final int count) { public String nextAlphanumeric(final int count) {
return random(count, true, true); return next(count, true, true);
} }
/** /**
@ -810,7 +808,7 @@ public class RandomStringUtils {
* @since 3.5 * @since 3.5
*/ */
public String nextAlphanumeric(final int minLengthInclusive, final int maxLengthExclusive) { public String nextAlphanumeric(final int minLengthInclusive, final int maxLengthExclusive) {
return randomAlphanumeric(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive)); return nextAlphanumeric(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive));
} }
/** /**
@ -826,7 +824,7 @@ public class RandomStringUtils {
* @throws IllegalArgumentException if {@code count} &lt; 0. * @throws IllegalArgumentException if {@code count} &lt; 0.
*/ */
public String nextAscii(final int count) { public String nextAscii(final int count) {
return random(count, 32, 127, false, false); return next(count, 32, 127, false, false);
} }
/** /**
@ -843,7 +841,7 @@ public class RandomStringUtils {
* @since 3.5 * @since 3.5
*/ */
public String nextAscii(final int minLengthInclusive, final int maxLengthExclusive) { public String nextAscii(final int minLengthInclusive, final int maxLengthExclusive) {
return randomAscii(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive)); return nextAscii(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive));
} }
/** /**
@ -860,7 +858,7 @@ public class RandomStringUtils {
* @since 3.5 * @since 3.5
*/ */
public String nextGraph(final int count) { public String nextGraph(final int count) {
return random(count, 33, 126, false, false); return next(count, 33, 126, false, false);
} }
/** /**
@ -876,7 +874,7 @@ public class RandomStringUtils {
* @since 3.5 * @since 3.5
*/ */
public String nextGraph(final int minLengthInclusive, final int maxLengthExclusive) { public String nextGraph(final int minLengthInclusive, final int maxLengthExclusive) {
return randomGraph(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive)); return nextGraph(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive));
} }
/** /**
@ -891,7 +889,7 @@ public class RandomStringUtils {
* @throws IllegalArgumentException if {@code count} &lt; 0. * @throws IllegalArgumentException if {@code count} &lt; 0.
*/ */
public String nextNumeric(final int count) { public String nextNumeric(final int count) {
return random(count, false, true); return next(count, false, true);
} }
/** /**
@ -907,7 +905,7 @@ public class RandomStringUtils {
* @since 3.5 * @since 3.5
*/ */
public String nextNumeric(final int minLengthInclusive, final int maxLengthExclusive) { public String nextNumeric(final int minLengthInclusive, final int maxLengthExclusive) {
return randomNumeric(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive)); return nextNumeric(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive));
} }
/** /**
@ -925,7 +923,7 @@ public class RandomStringUtils {
* @since 3.16.0 * @since 3.16.0
*/ */
public String nextPrint(final int count) { public String nextPrint(final int count) {
return random(count, 32, 126, false, false); return next(count, 32, 126, false, false);
} }
/** /**
@ -941,7 +939,7 @@ public class RandomStringUtils {
* @since 3.16.0 * @since 3.16.0
*/ */
public String nextPrint(final int minLengthInclusive, final int maxLengthExclusive) { public String nextPrint(final int minLengthInclusive, final int maxLengthExclusive) {
return randomPrint(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive)); return nextPrint(randomUtils().randomInt(minLengthInclusive, maxLengthExclusive));
} }
/** /**

18
src/main/java/org/apache/commons/lang3/RandomUtils.java
View File

@ -308,11 +308,11 @@ public class RandomUtils {
* Generates a random double between 0 (inclusive) and Double.MAX_VALUE (exclusive). * Generates a random double between 0 (inclusive) and Double.MAX_VALUE (exclusive).
* *
* @return the random double * @return the random double
* @see #nextDouble(double, double) * @see #randomDouble(double, double)
* @since 3.16.0 * @since 3.16.0
*/ */
public double randomDouble() { public double randomDouble() {
return nextDouble(0, Double.MAX_VALUE); return randomDouble(0, Double.MAX_VALUE);
} }
/** /**
@ -338,11 +338,11 @@ public class RandomUtils {
* Generates a random float between 0 (inclusive) and Float.MAX_VALUE (exclusive). * Generates a random float between 0 (inclusive) and Float.MAX_VALUE (exclusive).
* *
* @return the random float * @return the random float
* @see #nextFloat(float, float) * @see #randomFloat(float, float)
* @since 3.16.0 * @since 3.16.0
*/ */
public float randomFloat() { public float randomFloat() {
return nextFloat(0, Float.MAX_VALUE); return randomFloat(0, Float.MAX_VALUE);
} }
/** /**
@ -367,11 +367,11 @@ public class RandomUtils {
* Generates a random int between 0 (inclusive) and Integer.MAX_VALUE (exclusive). * Generates a random int between 0 (inclusive) and Integer.MAX_VALUE (exclusive).
* *
* @return the random integer * @return the random integer
* @see #nextInt(int, int) * @see #randomInt(int, int)
* @since 3.16.0 * @since 3.16.0
*/ */
public int randomInt() { public int randomInt() {
return nextInt(0, Integer.MAX_VALUE); return randomInt(0, Integer.MAX_VALUE);
} }
/** /**
@ -397,11 +397,11 @@ public class RandomUtils {
* Generates a random long between 0 (inclusive) and Long.MAX_VALUE (exclusive). * Generates a random long between 0 (inclusive) and Long.MAX_VALUE (exclusive).
* *
* @return the random long * @return the random long
* @see #nextLong(long, long) * @see #randomLong(long, long)
* @since 3.16.0 * @since 3.16.0
*/ */
public long randomLong() { public long randomLong() {
return nextLong(Long.MAX_VALUE); return randomLong(Long.MAX_VALUE);
} }
/** /**
@ -437,7 +437,7 @@ public class RandomUtils {
if (startInclusive == endExclusive) { if (startInclusive == endExclusive) {
return startInclusive; return startInclusive;
} }
return startInclusive + nextLong(endExclusive - startInclusive); return startInclusive + randomLong(endExclusive - startInclusive);
} }
@Override @Override