Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Replace std::random_shuffle with std::shuffle #5727

Open
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
3 participants
@tomsmeding
Copy link
Contributor

commented Jul 3, 2019

According to the docs, std::random_shuffle is deprecated in C++14 and removed in C++17. Since std::shuffle is available since C++11 as a replacement and monero already requires C++11, I think it is a good idea to use std::shuffle instead.

The choice of random number generator was inspired by the other usages of std::shuffle in the codebase; since the original std::random_shuffle made no guarantees whatsoever about the quality of its randomness, this does not introduce problems there.

Replace std::random_shuffle with std::shuffle
According to [1], std::random_shuffle is deprecated in C++14 and removed
in C++17. Since std::shuffle is available since C++11 as a replacement
and monero already requires C++11, this is a good replacement.

[1]: https://en.cppreference.com/w/cpp/algorithm/random_shuffle
@@ -290,7 +290,7 @@ namespace nodetool

if (anonymize)
{
std::random_shuffle(bs_head.begin(), bs_head.end());
std::shuffle(bs_head.begin(), bs_head.end(), std::default_random_engine(crypto::rand<unsigned>()));

This comment has been minimized.

Copy link
@vtnerd

vtnerd Jul 9, 2019

Contributor

I would switch this to:

std::shuffle(bs_head.begin(), bs_head.end(), crypto::random_device{});

the std::default_random_engine doesn't have to be a "cryptographically secure" RNG. Otherwise this should be suitable for test purposes.

This comment has been minimized.

Copy link
@tomsmeding

tomsmeding Jul 9, 2019

Author Contributor

This would of course be an easy change. If this is necessary here, though, does this solve a bug in the original code? std::random_shuffle also doesn't use a cryptographically secure RNG.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.