diff --git a/model/share.go b/model/share.go index 3a18bed11..e63df3b12 100644 --- a/model/share.go +++ b/model/share.go @@ -42,7 +42,7 @@ func (s Share) CoverArtID() ArtworkID { case "artist": return Artist{ID: ids[0]}.CoverArtID() } - rnd := random.Int64(len(s.Tracks)) + rnd := random.Int64N(len(s.Tracks)) return s.Tracks[rnd].CoverArtID() } diff --git a/server/backgrounds/handler.go b/server/backgrounds/handler.go index 76297f2ee..dfaa2f4d6 100644 --- a/server/backgrounds/handler.go +++ b/server/backgrounds/handler.go @@ -51,7 +51,7 @@ func (h *Handler) getRandomImage(ctx context.Context) (string, error) { if len(list) == 0 { return "", errors.New("no images available") } - rnd := random.Int64(len(list)) + rnd := random.Int64N(len(list)) return list[rnd], nil } diff --git a/utils/hasher/hasher.go b/utils/hasher/hasher.go index b72b0409f..7c5b0e1ae 100644 --- a/utils/hasher/hasher.go +++ b/utils/hasher/hasher.go @@ -2,8 +2,9 @@ package hasher import ( "hash/maphash" - "math/rand/v2" "strconv" + + "github.com/navidrome/navidrome/utils/random" ) var instance = NewHasher() @@ -43,7 +44,7 @@ func (h *Hasher) Reseed(id string) { } func (h *Hasher) reseed(id string) string { - seed := strconv.FormatUint(rand.Uint64(), 36) + seed := strconv.FormatUint(random.Uint64(), 36) h.seeds[id] = seed return seed } diff --git a/utils/random/number.go b/utils/random/number.go index 5ecb816e2..80c242c38 100644 --- a/utils/random/number.go +++ b/utils/random/number.go @@ -2,12 +2,23 @@ package random import ( "crypto/rand" + "encoding/binary" "math/big" "golang.org/x/exp/constraints" ) -func Int64[T constraints.Integer](max T) int64 { +// Int64N returns a random int64 between 0 and max. +// This is a reimplementation of math/rand/v2.Int64N using a cryptographically secure random number generator. +func Int64N[T constraints.Integer](max T) int64 { rnd, _ := rand.Int(rand.Reader, big.NewInt(int64(max))) return rnd.Int64() } + +// Uint64 returns a random uint64. +// This is a reimplementation of math/rand/v2.Uint64 using a cryptographically secure random number generator. +func Uint64() uint64 { + buffer := make([]byte, 8) + _, _ = rand.Read(buffer) + return binary.BigEndian.Uint64(buffer) +} diff --git a/utils/random/number_test.go b/utils/random/number_test.go index 940f2934a..b591ae257 100644 --- a/utils/random/number_test.go +++ b/utils/random/number_test.go @@ -14,10 +14,10 @@ func TestRandom(t *testing.T) { } var _ = Describe("number package", func() { - Describe("Int64", func() { + Describe("Int64N", func() { It("should return a random int64", func() { for i := 0; i < 10000; i++ { - Expect(random.Int64(100)).To(BeNumerically("<", 100)) + Expect(random.Int64N(100)).To(BeNumerically("<", 100)) } }) }) diff --git a/utils/random/weighted_random_chooser.go b/utils/random/weighted_random_chooser.go index 0ae5c8562..f382ab4dc 100644 --- a/utils/random/weighted_random_chooser.go +++ b/utils/random/weighted_random_chooser.go @@ -43,7 +43,7 @@ func (w *WeightedChooser[T]) weightedChoice() (int, error) { if len(w.entries) == 0 { return 0, errors.New("cannot choose from empty list") } - rnd := Int64(w.totalWeight) + rnd := Int64N(w.totalWeight) for i, weight := range w.weights { rnd -= int64(weight) if rnd < 0 {