hg
/
FONGMITV
mirror of https://github.com/FongMi/TV.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #347 from Pixee-Bot-Java/pixeebot/drip-2024-03-03-pixee-java/secure-random

Browse Source 
Introduced protections against predictable RNG abuse
pull/357/head
FongMi 2 years ago committed by GitHub
parent 6bca97e586 d70d9a07e6
commit edd0e7ebbe
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 6 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      app/src/mobile/java/com/fongmi/android/tv/ui/fragment/VodFragment.java
  2. 3
      quickjs/src/main/java/com/fongmi/quickjs/utils/Connect.java
  3. 3
      thunder/src/main/java/com/xunlei/downloadlib/android/XLUtil.java

3
app/src/mobile/java/com/fongmi/android/tv/ui/fragment/VodFragment.java
Unescape View File

@ -54,6 +54,7 @@ import com.github.catvod.net.OkHttp;
import com.github.catvod.utils.Trans;
import com.google.common.net.HttpHeaders;
import com.permissionx.guolindev.PermissionX;
import java.security.SecureRandom;
import org.greenrobot.eventbus.EventBus;
import org.greenrobot.eventbus.Subscribe;
@ -161,7 +162,7 @@ public class VodFragment extends BaseFragment implements SiteCallback, FilterCal
private void updateHot() {
App.post(mRunnable, 10 * 1000);
if (mHots.isEmpty() || mHots.size() < 10) return;
mBinding.hot.setText(mHots.get(new Random().nextInt(11)));
mBinding.hot.setText(mHots.get(new SecureRandom().nextInt(11)));
}
private Result handle(Result result) {

3
quickjs/src/main/java/com/fongmi/quickjs/utils/Connect.java
Unescape View File

@ -7,6 +7,7 @@ import com.github.catvod.utils.Util;
import com.google.common.net.HttpHeaders;
import com.whl.quickjs.wrapper.JSObject;
import com.whl.quickjs.wrapper.QuickJSContext;
import java.security.SecureRandom;
import java.util.List;
import java.util.Map;
@ -84,7 +85,7 @@ public class Connect {
}
private static RequestBody getFormDataBody(Req req) {
String boundary = "--dio-boundary-" + new Random().nextInt(42949) + "" + new Random().nextInt(67296);
String boundary = "--dio-boundary-" + new SecureRandom().nextInt(42949) + "" + new SecureRandom().nextInt(67296);
MultipartBody.Builder builder = new MultipartBody.Builder(boundary).setType(MultipartBody.FORM);
Map<String, String> params = Json.toMap(req.getData());
for (String key : params.keySet()) builder.addFormDataPart(key, params.get(key));

3
thunder/src/main/java/com/xunlei/downloadlib/android/XLUtil.java
Unescape View File

@ -1,6 +1,7 @@
package com.xunlei.downloadlib.android;
import android.util.Base64;
import java.security.SecureRandom;
import java.util.Random;
import java.util.UUID;
@ -22,7 +23,7 @@ public class XLUtil {
}
private static String random(String base, int length) {
Random random = new Random();
Random random = new SecureRandom();
StringBuilder sb = new StringBuilder();
for (int i = 0; i < length; i++) sb.append(base.charAt(random.nextInt(base.length())));
return sb.toString();

Write Preview
Loading…
Cancel
Save