diff options
author | Marc Mutz <marc.mutz@qt.io> | 2024-05-08 16:11:36 +0200 |
---|---|---|
committer | Marc Mutz <marc.mutz@qt.io> | 2024-05-08 19:36:09 +0200 |
commit | 5c0c90b6e5c3cdabd6ad41d5b6478250c8877f48 (patch) | |
tree | 1c6ed474d910436d27979571b35ccd3ca63028a1 /dependencies.yaml | |
parent | ea08d44f98f0ed5e774f15fd65eac2f7cf922810 (diff) |
QAbstractOAuth: fix data race and poor seeding in generateRandomString()
While not explicitly documented as thread-safe, this function
maintains unprotected global state, and OAuth classes are surely used
outside the main thread, so independent OAuth objects performing this
operation at the same time means data race, iow: UB.
Protect with a mutex.
As a drive-by, use Q_GLOBAL_STATIC instead of magic statics, and make
the char array constexpr instead of static const, to statically assert
that it plays no role in thread-safety.
Also seed the PRNG with QRandomGenerator::system() instead of the
moral equivalent of gettimeoday(). The OAuth1 RFC5849¹ doesn't mention
it, but the OpenID² spec asks for the nonce to be "unguessable to
attackers". A gettimeofday()-seeded PRNG, esp. with only millisecond
resolution, clearly doesn't fulfil that requirement.
QRandomGenerator::system(), OTOH, is documented to be "securely
seeded", and provides a seed_seq-like interface so the _whole_ mt19937
state can be seeded, not just a 32-bit fraction of it.
Keep the local PRNG to not exhaust the kernel's entropy pool through
excessive system() usage.
¹ https://datatracker.ietf.org/doc/html/rfc5849#section-3.3
² https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes
Amends a6dc1c01da723a93e1c174a6950eb4bab8cab3fc.
Pick-to: 6.7 6.5 6.2 5.15
Change-Id: Id09b04cc2ae342a7374a9f7a6803c860360d132c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
Diffstat (limited to 'dependencies.yaml')
0 files changed, 0 insertions, 0 deletions