From 6bbf8f9cbc8abeea53af97ee23d9a5df5c71cf52 Mon Sep 17 00:00:00 2001
From: Cosmin Cojocar
Date: Mon, 15 Jun 2020 12:00:13 +0200
Subject: [PATCH] Extend the insecure random rule with more insecure random functions

Signed-off-by: Cosmin Cojocar
---
 helpers.go | 1 -
 rules/rand.go | 3 ++-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/helpers.go b/helpers.go
index 5e90f40..83dfa29 100644
--- a/helpers.go
+++ b/helpers.go
@@ -37,7 +37,6 @@ import (
 // node, matched := MatchCallByPackage(n, ctx, "math/rand", "Read")
 //
 func MatchCallByPackage(n ast.Node, c *Context, pkg string, names ...string) (*ast.CallExpr, bool) {
-
 importedName, found := GetImportedName(pkg, c)
 if !found {
 return nil, false
diff --git a/rules/rand.go b/rules/rand.go
index 08c28fc..bf86b76 100644
--- a/rules/rand.go
+++ b/rules/rand.go
@@ -43,7 +43,8 @@ func (w *weakRand) Match(n ast.Node, c *gosec.Context) (*gosec.Issue, error) {
 // NewWeakRandCheck detects the use of random number generator that isn't cryptographically secure
 func NewWeakRandCheck(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
 return &weakRand{
- funcNames: []string{"Read", "Int"},
+ funcNames: []string{"New", "Read", "Float32", "Float64", "Int", "Int31",
+ "Int31n", "Int63", "Int63n", "Intn", "NormalFloat64", "Uint32", "Uint64"},
 packagePath: "math/rand",
 MetaData: gosec.MetaData{
 ID: id,
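Review bot: The extended `funcNames` list in NewWeakRandCheck contains `"NormalFloat64"`, but the function exported by `math/rand` is `NormFloat64`, so that entry can never match and `rand.NormFloat64()` stays undetected. The list also leaves out `ExpFloat64`, `Perm`, `Shuffle` and `NewSource`, which are just as non-cryptographic as the ones added; I would change the two added lines to `funcNames: []string{"New", "NewSource", "Read", "Float32", "Float64", "ExpFloat64", "NormFloat64", "Int", "Int31",` / `"Int31n", "Int63", "Int63n", "Intn", "Perm", "Shuffle", "Uint32", "Uint64"},`. Presumably the rule matches package-qualified calls only (the helper shown in the other hunk is named MatchCallByPackage), so a `*rand.Rand` obtained via `New`/`NewSource` is flagged once at construction and its method calls are not individually reported; a field comment such as `// Package-level math/rand functions; a *rand.Rand built via New/NewSource is flagged at the constructor call only.` would make that limitation explicit. The weakRand literal returned by NewWeakRandCheck continues past the end of the hunk.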