This diagnostic rule detects cases where a pseudo-random number generator is used. Such use may result in insufficient randomness or predictability of the generated numbers.
Case 1.
Creating a new object of the 'Random' type every time a random value is required. This is inefficient and may result in creating numbers that are not random enough, depending on the JDK.
Here is an example:
public void test() {
    Random rnd = new Random();
}
For a more efficient and random distribution, create an instance of the 'Random' class, save it, and reuse it.
static Random rnd = new Random();
public void test() {
    int i = rnd.nextInt();
}
Case 2.
The analyzer detected suspicious code that initializes the pseudo-random number generator with a constant value.
public void test() {
    Random rnd = new Random(4040);
}
Numbers generated by such a generator are predictable — they are repeated every time the program runs. To avoid this, do not use a constant number. For example, you can use the current system time instead:
static Random rnd = new Random(System.currentTimeMillis());
public void test() {
    int i = rnd.nextInt();
}
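The following is an added example, not part of the original diagnostic description. It shows that a seed fully determines the sequence produced by 'Random', both for the constant seed from Case 2 and for a clock value. It goes beyond the text above by using java.security.SecureRandom for security-sensitive values. The class name SeedPredictabilityDemo and the helper draw() are assumptions made for illustration.

```java
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Random;

// Illustrative class; the name and the draw() helper are not from the diagnostic page.
public class SeedPredictabilityDemo {
    // One shared instance of each generator, created once and reused (the fix from Case 1).
    private static final Random SHARED = new Random();
    private static final SecureRandom SECURE = new SecureRandom();

    // Returns the first n ints produced by the given generator.
    static int[] draw(Random rnd, int n) {
        int[] out = new int[n];
        for (int i = 0; i < n; i++) {
            out[i] = rnd.nextInt();
        }
        return out;
    }

    public static void main(String[] args) {
        // Case 2: a constant seed reproduces the same sequence on every run.
        int[] a = draw(new Random(4040), 5);
        int[] b = draw(new Random(4040), 5);
        System.out.println("constant seed, identical sequence: " + Arrays.equals(a, b));

        // A clock-based seed removes the repetition between runs, but the sequence
        // is still a pure function of the seed: two generators seeded with the
        // same millisecond value produce identical output.
        long now = System.currentTimeMillis();
        int[] c = draw(new Random(now), 5);
        int[] d = draw(new Random(now), 5);
        System.out.println("same clock value, identical sequence: " + Arrays.equals(c, d));

        // Non-security use (simulation, sampling): reuse the shared Random.
        System.out.println("simulation value: " + SHARED.nextInt(100));

        // Security-sensitive use (tokens, keys, nonces): SecureRandom seeds itself
        // from the platform entropy source and takes no caller-chosen seed here.
        byte[] token = new byte[16];
        SECURE.nextBytes(token);
        StringBuilder hex = new StringBuilder();
        for (byte x : token) {
            hex.append(String.format("%02x", x));
        }
        System.out.println("token: " + hex);
    }
}
```

Both comparisons print true: anyone who knows or can narrow down the seed can reproduce the output of 'Random', so values that must be unguessable should come from SecureRandom.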
This diagnostic is classified as: