Skip to content

Commit 26aaea7

Browse files
authored
fix: use crypto/rand instead of math/rand (#291)
Signed-off-by: Chris Gianelloni <[email protected]>
1 parent a80a172 commit 26aaea7

File tree

1 file changed

+23
-8
lines changed

1 file changed

+23
-8
lines changed

internal/dns/dns.go

Lines changed: 23 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2024 Blink Labs Software
1+
// Copyright 2025 Blink Labs Software
22
//
33
// Use of this source code is governed by an MIT-style
44
// license that can be found in the LICENSE file or at
@@ -9,7 +9,8 @@ package dns
99
import (
1010
"fmt"
1111
"log/slog"
12-
"math/rand"
12+
"crypto/rand"
13+
"math/big"
1314
"net"
1415
"os"
1516
"strings"
@@ -326,7 +327,11 @@ func randomNameserverAddress(nameservers map[string][]net.IP) net.IP {
326327
tmpNameservers = append(tmpNameservers, addresses...)
327328
}
328329
if len(tmpNameservers) > 0 {
329-
tmpNameserver := tmpNameservers[rand.Intn(len(tmpNameservers))]
330+
n, err := rand.Int(rand.Reader, big.NewInt(int64(len(tmpNameservers))))
331+
if err != nil {
332+
return nil
333+
}
334+
tmpNameserver := tmpNameservers[n.Int64()]
330335
return tmpNameserver
331336
}
332337
return nil
@@ -511,12 +516,20 @@ func randomNameserver(nameservers map[string][]net.IP) (string, string) {
511516
mapKeys = append(mapKeys, k)
512517
}
513518
if len(mapKeys) > 0 {
514-
randNsName := mapKeys[rand.Intn(len(mapKeys))]
519+
n, err := rand.Int(rand.Reader, big.NewInt(int64(len(mapKeys))))
520+
if err != nil {
521+
return "", ""
522+
}
523+
randNsName := mapKeys[n.Int64()]
515524
randNsAddresses := nameservers[randNsName]
516525
if randNsAddresses == nil {
517526
return "", ""
518527
}
519-
randNsAddress := randNsAddresses[rand.Intn(len(randNsAddresses))].String()
528+
n, err = rand.Int(rand.Reader, big.NewInt(int64(len(randNsAddresses))))
529+
if err != nil {
530+
return "", ""
531+
}
532+
randNsAddress := randNsAddresses[n.Int64()].String()
520533
return randNsName, randNsAddress
521534
}
522535
return "", ""
@@ -531,9 +544,11 @@ func createQuery(recordName string, recordType uint16) *dns.Msg {
531544

532545
func randomFallbackServer() string {
533546
cfg := config.GetConfig()
534-
return cfg.Dns.FallbackServers[rand.Intn(
535-
len(cfg.Dns.FallbackServers),
536-
)]
547+
n, err := rand.Int(rand.Reader, big.NewInt(int64(len(cfg.Dns.FallbackServers))))
548+
if err != nil {
549+
return ""
550+
}
551+
return cfg.Dns.FallbackServers[n.Int64()]
537552
}
538553

539554
func formatMessageAnswerSection(section []dns.RR) string {

0 commit comments

Comments
 (0)