-5

I have a function to generate numbers between 0-255 but it is also generating negative values. Any advice, please.

char* generateRandomNumbers()
{
    static unsigned char random[9];
    srand(0);
    static int i = 0;
    for(;i<9;i++)
    {
        random[i] = rand() % (256);
    }

    return (char*)random;
}

Printing numbers: 

char* random = generateRandomNumbers();
for (int i = 0; i < 9; i++) {
    printf("%d\n", random[i]);}
Mayank Vijh
  • 21
  • 5
  • 2
    When you are referring to "your rand()", are you referring to rand() or generateRandomNumbers() ? – thepiercingarrow Jun 30 '16 at 02:53
  • 1
    Why is `i` static? Why is `random[]` static? Why return a `char *` when you ask for a random number? Have you read up on how to interpret bits as signed or unsigned numbers? Why not [let `rand()`](http://stackoverflow.com/questions/822323/how-to-generate-a-random-number-in-c) generate your number instead of noodling with arrays of `char`? – Jens Jun 30 '16 at 02:56
  • You're storing them in `unsigned char`s.... they *cannot* be negative there. How are you printing them? – Dmitri Jun 30 '16 at 02:56
  • Question: what happens if `generateRandomNumbers` is called twice? – Eric Lippert Jun 30 '16 at 02:58
  • 1) write your loop as `for (size_t i = 0; i < 9; ++i )`. No need for a static int. 2) `rand() % 256` is producing an `int` and you're writing it to a single `char` type (which is probably the negative issue). – Steven Walton Jun 30 '16 at 02:58
  • Once you treat them as signed `char`, however, the larger numbers will appear as negative numbers instead. – Dmitri Jun 30 '16 at 02:59
  • Looks like `char` is signed on your platform. Try `unsigned char *` everywhere. – Mark Plotnick Jun 30 '16 at 03:00
  • Thanks guys, I was taking char also as 0 -255. Thank you. Sorry for the mistake, coming from c# background. – Mayank Vijh Jun 30 '16 at 03:05
  • `char` can be either signed or unsigned by default... so if you care which it is, you should qualify it with `signed` or `unsigned` (and be consistent about it). – Dmitri Jun 30 '16 at 03:06
  • Thanks @MarkPlotnick – Mayank Vijh Jun 30 '16 at 03:10
  • 1
    Side note: [never use `rand()` for anything related to cryptography](http://crypto.stackexchange.com/questions/15662/how-vulnerable-is-the-c-rand-in-public-cryptography-protocols)... the random generator is improving, but using `/dev/urandom` is probably your best choice on a Unix platform – Myst Jun 30 '16 at 03:13
  • [Is char signed or unsigned by default?](http://stackoverflow.com/q/2054939/995714) – phuclv Jun 30 '16 at 03:43
  • Thanks @Myst, It's a helpful advice as I am working of crypto. Great, Thanks :) – Mayank Vijh Jun 30 '16 at 03:46
  • @MayankVijh, you're very welcome. I actually started digging into crypto just lately. You can copy my [random code from here](https://github.com/boazsegev/c-server-tools/blob/82f973dd99cefa66f69082f07e4630b8b0431c91/src/minicrypt.c#L1180-L1221)... If you want to help with this small library and improve on it, I'd welcome the help. My intention is to make a one-file crypto library able to support TLS 1.3 implementations (though it might take me a while). – Myst Jun 30 '16 at 04:30

1 Answers1

2

rand() is also generating negative values

No, it is not. Describe the behaviour you are actually observing. You are NOT observing rand returning a negative number. You are observing that when a char is printed as a number you get a negative number.

So the question you should be asking is:

Why is my char printing as a negative number?

Because char is sign-extended in your version of C.

Eric Lippert
  • 647,829
  • 179
  • 1,238
  • 2,067
  • 1
    The op uses `%d` instead of `%u` to print the character. See [here](http://www.cplusplus.com/reference/cstdio/printf/) for printing signed and unsigned integer values. – Jens Jun 30 '16 at 03:04
  • Thanks Eric, New to Unsigned and Signed. So I took char as 0 -255 in my function. Thank you – Mayank Vijh Jun 30 '16 at 03:07
  • Where is your answer? – Mayank Vijh Jun 30 '16 at 03:09
  • @Mayank sorry his answer, although a bit vauge, is correct. I misunderstood what he was saying, sorry. – thepiercingarrow Jun 30 '16 at 03:12
  • 1
    @Jens `%d` or `%u` wouldn't matter if `unsigned char` were used... as signed `int` is a wider type and could still represent all the `unsigned char`'s values. – Dmitri Jun 30 '16 at 03:12