gecko-dev/mfbt/RandomNum.h
Alex Catarineu bc96439261 Bug 461204 - Improve the random number generator for the boundaries in multipart/form-data r=smaug
Using a weak RNG for the form boundary allows a website operator to perform several
attacks on users (as outlined in https://trac.torproject.org/projects/tor/ticket/22919)

These include:
 - Identifying Windows users based on the unseeded RNG
 - Identify the number of form submissions that have occurred cross-origin between same-origin submissions

Additionally, a predictable boundary makes it possible to forge a boundary in the middle
of a file upload.

Differential Revision: https://phabricator.services.mozilla.com/D56056

--HG--
extra : moz-landing-system : lando
2020-01-13 20:41:14 +00:00

42 lines
1.3 KiB
C++

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
/* Routines for generating random numbers */
#ifndef mozilla_RandomNum_h_
#define mozilla_RandomNum_h_
#include "mozilla/Maybe.h"
#include "mozilla/Types.h"
namespace mozilla {
/**
* Generate a cryptographically secure random 64-bit unsigned number using the
* best facilities available on the current OS.
*
* Useful whenever a secure random number is needed and NSS isn't available.
* (Perhaps because it hasn't been initialized yet)
*
* Current mechanisms:
* Windows: RtlGenRandom()
* Android, Darwin, DragonFly, FreeBSD, OpenBSD, NetBSD: arc4random()
* Linux: getrandom() if available, "/dev/urandom" otherwise
* Other Unix: "/dev/urandom"
*
*/
MFBT_API Maybe<uint64_t> RandomUint64();
/**
* Like RandomUint64, but always returns a uint64_t or crashes with an assert
* if the underlying RandomUint64 call failed.
*/
MFBT_API uint64_t RandomUint64OrDie();
} // namespace mozilla
#endif // mozilla_RandomNum_h_