rfc:random_migration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

rfc:random_migration [2022/12/21 16:21] – initial zeriyoshirfc:random_migration [2022/12/21 16:29] (current) – add link zeriyoshi
Line 25: Line 25:
 All of these functions have global scope issues described in the Random Extension RFC. All of these functions have global scope issues described in the Random Extension RFC.
  
-The rand() and mt_srand() functions can be used without performing explicit seeding, but the seed value used in this case is not reproducible because it uses random_int() internally. In most cases, it is better to use random_int() directly. Also, srand() and mt_srand() are undesirable from a security standpoint because they use a low-quality linear congruence method to generate the seed value as a fallback if a secure seed value cannot be generated.+The rand() and mt_srand() functions can be used without performing explicit seeding, but the seed value used in this case is not reproducible because it uses random_int() internally. *1 In most cases, it is better to use random_int() directly. Also, srand() and mt_srand() are undesirable from a security standpoint because they use a low-quality linear congruence method to generate the seed value as a fallback *2 if a secure seed value cannot be generated.
  
 If reproducibility is required, we should use \Random\Randomizer, which does not have the global scope issue. If reproducibility is required, we should use \Random\Randomizer, which does not have the global scope issue.
 +
 +  - https://github.com/php/php-src/blob/7f0b228f48ad29c13a84dc8c8bc050f34d3a855a/ext/random/engine_mt19937.c#L240
 +  - https://github.com/php/php-src/blob/f9a1a903805a0c260c97bcc8bf2c14f2dd76ca76/ext/random/php_random.h#L67
  
 === lcg_value() function === === lcg_value() function ===
rfc/random_migration.1671639713.txt.gz · Last modified: 2022/12/21 16:21 by zeriyoshi

Page Tools