Differences From Artifact [fda4d04529]:
- File
src/OFMapTable.m
— part of check-in
[4857107479]
at
2012-12-06 11:00:54
on branch trunk
— OFMapTable: Rotate hash by a random number of bits
By rotating the hash by a random number of bits, an attacker needs to
find collisions on the full 32 bits of the hash and not only on the
lower n bits that are actually used by the map table, as an attacker
can't know which bits are actually used for the map table. (user: js, size: 16362) [annotate] [blame] [check-ins using]
To Artifact [458807374d]:
- File
src/OFMapTable.m
— part of check-in
[6712442fad]
at
2012-12-07 13:57:13
on branch trunk
— Revert several OFHashMap related commits.
This reverts:
* "Add a per-hashtable seed."
(cd49c7fcb4b8dca62dccdbf6545d37d86b639eef)
* "OFMapTable: Reseed on resize."
(5b545165691cd9ad838c9125b02ff7c857bd4b99)
* "Add of_random()."
(9810f191b4e8c1612e7e55095c87e589660fbdba)
* "OFMapTable: Rotate hash by a random number of bits"
(3bef412217232d01f202794f7175c130afa1df8f)It turned out that these were slowing down all classes based on
OFHashMap significantly. As there is still no proof that the seeded
one-at-a-time hash is vulnerable to DoS, these changes were overly
paranoid. While overly paranoid is usually ok, it is not if it severely
impacts performance. (user: js, size: 15686) [annotate] [blame] [check-ins using]
| ︙ | ︙ | |||
12 13 14 15 16 17 18 | * Public License, either version 2 or 3, which can be found in the file * LICENSE.GPLv2 or LICENSE.GPLv3 respectively included in the packaging of this * file. */ #include "config.h" | < < < | 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | * Public License, either version 2 or 3, which can be found in the file * LICENSE.GPLv2 or LICENSE.GPLv3 respectively included in the packaging of this * file. */ #include "config.h" #include <string.h> #include <assert.h> #import "OFMapTable.h" #import "OFEnumerator.h" #import "OFEnumerationMutationException.h" #import "OFInvalidArgumentException.h" #import "OFNotImplementedException.h" #import "OFOutOfRangeException.h" |
| ︙ | ︙ | |||
148 149 150 151 152 153 154 | minCapacity = capacity; buckets = [self allocMemoryWithSize: sizeof(*buckets) count: capacity]; memset(buckets, 0, capacity * sizeof(*buckets)); | < < < < < | 145 146 147 148 149 150 151 152 153 154 155 156 157 158 |
minCapacity = capacity;
buckets = [self allocMemoryWithSize: sizeof(*buckets)
count: capacity];
memset(buckets, 0, capacity * sizeof(*buckets));
} @catch (id e) {
[self release];
@throw e;
}
return self;
}
|
| ︙ | ︙ | |||
230 231 232 233 234 235 236 |
@try {
uint32_t i;
for (i = 0; i < capacity; i++)
if (buckets[i] != NULL && buckets[i] != &deleted)
[copy OF_setValue: buckets[i]->value
forKey: buckets[i]->key
| < | < | 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 |
@try {
uint32_t i;
for (i = 0; i < capacity; i++)
if (buckets[i] != NULL && buckets[i] != &deleted)
[copy OF_setValue: buckets[i]->value
forKey: buckets[i]->key
hash: buckets[i]->hash];
} @catch (id e) {
[copy release];
@throw e;
}
copy->minCapacity = MIN_CAPACITY;
|
| ︙ | ︙ | |||
257 258 259 260 261 262 263 | uint32_t i, hash, last; if (key == NULL) @throw [OFInvalidArgumentException exceptionWithClass: [self class] selector: _cmd]; | | | 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 |
uint32_t i, hash, last;
if (key == NULL)
@throw [OFInvalidArgumentException
exceptionWithClass: [self class]
selector: _cmd];
hash = keyFunctions.hash(key);
last = capacity;
for (i = hash & (capacity - 1); i < last && buckets[i] != NULL; i++) {
if (buckets[i] == &deleted)
continue;
if (keyFunctions.equal(buckets[i]->key, key))
|
| ︙ | ︙ | |||
287 288 289 290 291 292 293 |
}
return NULL;
}
- (void)OF_resizeForCount: (uint32_t)newCount
{
| | < | 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 |
}
return NULL;
}
- (void)OF_resizeForCount: (uint32_t)newCount
{
uint32_t i, fullness, newCapacity;
struct of_map_table_bucket **newBuckets;
if (newCount > UINT32_MAX || newCount > UINT32_MAX / sizeof(*buckets) ||
newCount > UINT32_MAX / 8)
@throw [OFOutOfRangeException exceptionWithClass: [self class]];
fullness = newCount * 8 / capacity;
|
| ︙ | ︙ | |||
313 314 315 316 317 318 319 | newBuckets = [self allocMemoryWithSize: sizeof(*newBuckets) count: newCapacity]; for (i = 0; i < newCapacity; i++) newBuckets[i] = NULL; | < < < < < < < < < < < | 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 |
newBuckets = [self allocMemoryWithSize: sizeof(*newBuckets)
count: newCapacity];
for (i = 0; i < newCapacity; i++)
newBuckets[i] = NULL;
for (i = 0; i < capacity; i++) {
if (buckets[i] != NULL && buckets[i] != &deleted) {
uint32_t j, last;
last = newCapacity;
j = buckets[i]->hash & (newCapacity - 1);
for (; j < last && newBuckets[j] != NULL; j++);
/* In case the last bucket is already used */
if (j >= last) {
|
| ︙ | ︙ | |||
350 351 352 353 354 355 356 | newBuckets[j] = buckets[i]; } } [self freeMemory: buckets]; buckets = newBuckets; capacity = newCapacity; | < < | < | < | < | | | 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 |
newBuckets[j] = buckets[i];
}
}
[self freeMemory: buckets];
buckets = newBuckets;
capacity = newCapacity;
}
- (void)OF_setValue: (void*)value
forKey: (void*)key
hash: (uint32_t)hash
{
uint32_t i, last;
void *old;
if (key == NULL || value == NULL)
@throw [OFInvalidArgumentException
exceptionWithClass: [self class]
selector: _cmd];
last = capacity;
for (i = hash & (capacity - 1); i < last && buckets[i] != NULL; i++) {
if (buckets[i] == &deleted)
continue;
if (keyFunctions.equal(buckets[i]->key, key))
break;
}
/* In case the last bucket is already used */
if (i >= last) {
last = hash & (capacity - 1);
for (i = 0; i < last && buckets[i] != NULL; i++) {
if (buckets[i] == &deleted)
continue;
if (keyFunctions.equal(buckets[i]->key, key))
break;
}
}
/* Key not in dictionary */
if (i >= last || buckets[i] == NULL || buckets[i] == &deleted ||
!keyFunctions.equal(buckets[i]->key, key)) {
struct of_map_table_bucket *bucket;
[self OF_resizeForCount: count + 1];
mutations++;
last = capacity;
for (i = hash & (capacity - 1); i < last &&
buckets[i] != NULL && buckets[i] != &deleted; i++);
/* In case the last bucket is already used */
if (i >= last) {
last = hash & (capacity - 1);
for (i = 0; i < last && buckets[i] != NULL &&
buckets[i] != &deleted; i++);
}
if (i >= last)
@throw [OFOutOfRangeException
|
| ︙ | ︙ | |||
434 435 436 437 438 439 440 |
bucket->value = valueFunctions.retain(value);
} @catch (id e) {
keyFunctions.release(key);
[self freeMemory: bucket];
@throw e;
}
| | | 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 |
bucket->value = valueFunctions.retain(value);
} @catch (id e) {
keyFunctions.release(key);
[self freeMemory: bucket];
@throw e;
}
bucket->hash = hash;
buckets[i] = bucket;
count++;
return;
}
|
| ︙ | ︙ | |||
464 465 466 467 468 469 470 | uint32_t i, hash, last; if (key == NULL) @throw [OFInvalidArgumentException exceptionWithClass: [self class] selector: _cmd]; | | | 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 |
uint32_t i, hash, last;
if (key == NULL)
@throw [OFInvalidArgumentException
exceptionWithClass: [self class]
selector: _cmd];
hash = keyFunctions.hash(key);
last = capacity;
for (i = hash & (capacity - 1); i < last && buckets[i] != NULL; i++) {
if (buckets[i] == &deleted)
continue;
if (keyFunctions.equal(buckets[i]->key, key)) {
|
| ︙ | ︙ |