Algorithmic complexity attacks against hash tables have been known
since 2003 (cf. [1, 2]), and they have been left unpatched for years
until the 2011 attacks [3] against many libraries /
(reference) implementations of programming languages.
This patch adds a global integer, to be used as a seed for the hash
function itself. The seed is randomly initialized the first time a
QHash detaches from shared_null.
Right now the seed is not used at all -- another patch will modify
qHash to make use of it.
[1] http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf
[2] http://perldoc.perl.org/perlsec.html#Algorithmic-Complexity-Attacks
[3] http://www.ocert.org/advisories/ocert-2011-003.html
Task-number: QTBUG-23529
Change-Id: I7519e4c02b9c2794d1c14079b01330eb356e9c65
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
For all practical purposes, the fallback introduced here returns the
desired value. Having a fallback enables unconditional use of Q_ALIGNOF.
For compilers that provide native support for it, Q_ALIGNOF is otherwise
#defined in qcompilerdetection.h.
Change-Id: Ie148ca8936cbbf8b80fe87771a14797c39a9d30c
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
C++11 adds cbegin()/cend() functions for the same reason Qt has
constBegin()/constEnd(). This patch adds these functions to the
Qt containers with the same implementation as constBegin()/constEnd().
It also fixes the return types in the documentation of existing
constFind() functions (documentation only).
C++11 only adds cbegin()/cend() (and crbegin()/crend(), which Qt doesn't have).
In particular, it doesn't add cfind(), so I didn't supply these, even though
Qt comes with constFind().
This is a forward-port of https://qt.gitorious.org/qt/qt/merge_requests/1365.
Change-Id: Ida086b64246b24e25254eafbcb06c8e33388502b
Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
As in the past, to avoid rewriting various autotests that contain
line-number information, an extra blank line has been inserted at the
end of the license text to ensure that this commit does not change the
total number of lines in the license header.
Change-Id: I311e001373776812699d6efc045b5f742890c689
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
These defines were there to aid in the commercial
licensing scheme we used long ago, and are no longer needed.
Keep a QT_MODULE(x) define so other modules continue compiling.
Change-Id: I8fd76cd5270df8f14aee746b6cf32ebf7c23fec7
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
, as those are going away.
The comment in QString/QByteArray::squeeze about shared_null was updated as it
also affects other static data, such as that generated by QStringLiteral and
QByteArrayLiteral.
Change-Id: I26a757d29db62b1e3566a1f7c8d4030918ed8a89
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Bradley T. Hughes <bradley.hughes@nokia.com>
Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
Functions that modify the d-pointer must detach or otherwise take
measures to not modify the const, read-only shared_null.
The setSharable(bool) function takes care to detach when setting
sharable to false, but should avoid setting the sharable data member
unless d is not the shared null.
Similarly, QMap<Key, T>::setInsertInOrder() needs to detach if it is
shared with the shared_null (the logic has been updated to be the same
as setSharable()).
Change-Id: Ida5cb9818b86695f1b9f0264418b955c56424898
Reviewed-on: http://codereview.qt-project.org/5929
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Bradley T. Hughes <bradley.hughes@nokia.com>
Reviewed-by: Jan-Arve Sæther <jan-arve.saether@nokia.com>
Dealt with all necessary changes that are marked in the code: removing
methods left only for binary compatibility with earlier Qt 4 versions
and other methods marked for removal.
Change-Id: I47109ccd9ed40addc345416be9e172570723955e
Reviewed-on: http://codereview.qt-project.org/4534
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
Similar to QLinkedList QList, QMap, QVector, QByteArray and QString,
keep the shared_null in shareable memory and never modify it.
Change-Id: Ia8b72ef0288575bed658153d9d54434580988bda
Reviewed-on: http://codereview.qt-project.org/4533
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
the alternative would be splitting the function into two separate
overloads. that might result in better branch prediction, but will
create a bit more code.
Change-Id: Ia2c685bbb34a9681c71f2249d073dd960368209a
Reviewed-on: http://codereview.qt-project.org/5332
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Samuel Rødal <samuel.rodal@nokia.com>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
This is the beginning of revision history for this module. If you
want to look at revision history older than this, please refer to the
Qt Git wiki for how to use Git history grafting. At the time of
writing, this wiki is located here:
http://qt.gitorious.org/qt/pages/GitIntroductionWithQt
If you have already performed the grafting and you don't see any
history beyond this commit, try running "git log" with the "--follow"
argument.
Branched from the monolithic repo, Qt master branch, at commit
896db169ea224deb96c59ce8af800d019de63f12
Giuseppe D'Angelo
João Abecasis
Kent Hansen
Marc Mutz
Jason McDonald
Gunnar Sletta
Morten Sorvig
Bradley T. Hughes
Oswald Buddenhagen
Jyri Tahtela
Qt by Nokia