Per the language specification, no new
and malloc
do not initialize data on primitive types. The compiler/runtime is free to give you memory it hasn't done anything with.
However in practice, the memory you allocate is quite probably zero'd out by the kernel. Modern operating systems do this as a security measure, not zeroing out memory that was once owned by another process could leak that other processes' data into your memory space. What if that other process had stored a password? Note this is not always true, and shouldn't be relied on. Always initialize your memory.
If you actually want random data, you need to generate it yourself. What random source you pull from is dependent on your needs. If you need some "random" data for testing, or for say, generating monsters in a game, use one of the pseudo-random generators available in the standard library to generate your data. If you need cryptographically secure number generation, it's a bit more complicated to be sure you have correct.