Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How is rand() broken? It seems to produce random-ish values, which is what it's for. It obviously doesn't produce cryptographically secure random values, but that's expected (and reflects other languages' equivalent functions). For a decently random integer that's quick to compute, rand() works just fine.


RAND_MAX is only guaranteed to be at least 32767. So if you use `rand() % 10000` you'll have real biased towards 0-2767, even `rand() % 1000` is already not uniform (biased towards 0-767). And that assumes rand() is good uniform from 0-RAND_MAX in the first place.


> The function rand() is not reentrant or thread-safe, since it uses hidden state that is modified on each call.

It cannot be called safely from a multi-threaded application for one




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: