diff options
author | Kent Hansen <kent.hansen@nokia.com> | 2010-10-05 10:06:10 (GMT) |
---|---|---|
committer | Kent Hansen <kent.hansen@nokia.com> | 2010-10-05 11:16:57 (GMT) |
commit | 8ed3d9e33de7b4ee93b007ebde16ce42885ba95c (patch) | |
tree | 5d1a1396026a3774ad735f8b6814df073f115b62 /src/3rdparty | |
parent | a891f20bc370c24777e22be40499e695f97738f9 (diff) | |
download | Qt-8ed3d9e33de7b4ee93b007ebde16ce42885ba95c.zip Qt-8ed3d9e33de7b4ee93b007ebde16ce42885ba95c.tar.gz Qt-8ed3d9e33de7b4ee93b007ebde16ce42885ba95c.tar.bz2 |
QtScript/JavaScriptCore: Backport random number generator seeding fix
Backported changes:
|| <https://webkit.org/b/38719> || JavaScriptCore/wtf/RandomNumber.h should provide using WTF::* ||
|| <https://webkit.org/b/41868> || Don't seed the JS random number generator from time() ||
Task-number: QTBUG-13440
Reviewed-by: Simon Hausmann
Diffstat (limited to 'src/3rdparty')
7 files changed, 41 insertions, 6 deletions
diff --git a/src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog b/src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog index fbaf5d2..fd6c3f7 100644 --- a/src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog +++ b/src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog @@ -1,3 +1,24 @@ +2010-08-24 Oliver Hunt <oliver@apple.com> + + Reviewed by Geoff Garen. + + Don't seed the JS random number generator from time() + https://bugs.webkit.org/show_bug.cgi?id=41868 + <rdar://problem/8171025> + + Switch to using the secure random number generator to + seed the fast random generator, and make the generator + be per global object. + + * runtime/JSGlobalData.cpp: + (JSC::JSGlobalData::JSGlobalData): + * runtime/JSGlobalData.h: + * runtime/JSGlobalObject.h: + (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): + (JSC::JSGlobalObject::weakRandomNumber): + * runtime/MathObject.cpp: + (JSC::mathProtoFuncRandom): + 2010-06-18 Tucker Jay <jay.tucker@nokia.com> Reviewed by NOBODY (OOPS!). @@ -94,6 +115,16 @@ * wtf/Platform.h: +2010-05-06 Fumitoshi Ukai <ukai@chromium.org> + + Reviewed by Alexey Proskuryakov. + + JavaScriptCore/wtf/RandomNumber.h should provide using WTF::* + https://bugs.webkit.org/show_bug.cgi?id=38719 + + * wtf/RandomNumber.h: + Add using directives. + 2010-04-28 Simon Hausmann <simon.hausmann@nokia.com>, Kent Hansen <kent.hansen@nokia.com> Reviewed by Darin Adler. diff --git a/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.cpp b/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.cpp index 34b5f82..1c25c16 100644 --- a/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.cpp +++ b/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.cpp @@ -144,7 +144,6 @@ JSGlobalData::JSGlobalData(bool isShared) , firstStringifierToMark(0) , markStack(jsArrayVPtr) , cachedUTCOffset(NaN) - , weakRandom(static_cast<int>(currentTime())) #ifndef NDEBUG , mainThreadOnly(false) #endif diff --git a/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.h b/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.h index 49a6c4c..dcd3289 100644 --- a/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.h +++ b/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.h @@ -184,8 +184,6 @@ namespace JSC { UString cachedDateString; double cachedDateStringValue; - - WeakRandom weakRandom; #ifndef NDEBUG bool mainThreadOnly; diff --git a/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalObject.h b/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalObject.h index 340e04d..7c20272 100644 --- a/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalObject.h +++ b/src/3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalObject.h @@ -31,6 +31,7 @@ #include "StructureChain.h" #include <wtf/HashSet.h> #include <wtf/OwnPtr.h> +#include <wtf/RandomNumber.h> namespace JSC { @@ -91,6 +92,7 @@ namespace JSC { , datePrototype(0) , regExpPrototype(0) , methodCallDummy(0) + , weakRandom(static_cast<unsigned>(randomNumber() * (std::numeric_limits<unsigned>::max() + 1.0))) { } @@ -154,6 +156,7 @@ namespace JSC { RefPtr<JSGlobalData> globalData; HashSet<GlobalCodeBlock*> codeBlocks; + WeakRandom weakRandom; }; public: @@ -271,6 +274,7 @@ namespace JSC { return Structure::create(prototype, TypeInfo(ObjectType, StructureFlags)); } + double weakRandomNumber() { return d()->weakRandom.get(); } protected: static const unsigned StructureFlags = OverridesGetOwnPropertySlot | OverridesMarkChildren | OverridesGetPropertyNames | JSVariableObject::StructureFlags; diff --git a/src/3rdparty/javascriptcore/JavaScriptCore/runtime/MathObject.cpp b/src/3rdparty/javascriptcore/JavaScriptCore/runtime/MathObject.cpp index 8f22fba..807cfe7 100644 --- a/src/3rdparty/javascriptcore/JavaScriptCore/runtime/MathObject.cpp +++ b/src/3rdparty/javascriptcore/JavaScriptCore/runtime/MathObject.cpp @@ -210,7 +210,7 @@ JSValue JSC_HOST_CALL mathProtoFuncPow(ExecState* exec, JSObject*, JSValue, cons JSValue JSC_HOST_CALL mathProtoFuncRandom(ExecState* exec, JSObject*, JSValue, const ArgList&) { - return jsDoubleNumber(exec, exec->globalData().weakRandom.get()); + return jsDoubleNumber(exec, exec->lexicalGlobalObject()->weakRandomNumber()); } JSValue JSC_HOST_CALL mathProtoFuncRound(ExecState* exec, JSObject*, JSValue, const ArgList& args) diff --git a/src/3rdparty/javascriptcore/JavaScriptCore/wtf/RandomNumber.h b/src/3rdparty/javascriptcore/JavaScriptCore/wtf/RandomNumber.h index fe1687c..e54e9ae 100644 --- a/src/3rdparty/javascriptcore/JavaScriptCore/wtf/RandomNumber.h +++ b/src/3rdparty/javascriptcore/JavaScriptCore/wtf/RandomNumber.h @@ -39,4 +39,7 @@ namespace WTF { } +using WTF::randomNumber; +using WTF::weakRandomNumber; + #endif diff --git a/src/3rdparty/javascriptcore/VERSION b/src/3rdparty/javascriptcore/VERSION index 6f5fb7c..9991ac0 100644 --- a/src/3rdparty/javascriptcore/VERSION +++ b/src/3rdparty/javascriptcore/VERSION @@ -4,8 +4,8 @@ This is a snapshot of JavaScriptCore from The commit imported was from the - javascriptcore-snapshot-28062010 branch/tag + javascriptcore-snapshot-05102010 branch/tag and has the sha1 checksum - 0fccd26d3624e80cf68873701ef70ad72ca66bec + 82ead85cfea5859044eeb25b33314dcc0fa5eea1 |