Commit Graph

16 Commits

Author SHA1 Message Date
Giuseppe D'Angelo
9a77171ccc QHash security fix (1.5/2): qHash two arguments overload support
Algorithmic complexity attacks against hash tables have been known
since 2003 (cf. [1, 2]), and they have been left unpatched for years
until the 2011 attacks [3] against many libraries /
(reference) implementations of programming languages.

This patch adds a qHash overload taking two arguments: the value to
be hashed, and a uint to be used as a seed for the hash function
itself (support the global QHash seed was added in a previous patch).
The seed itself is not used just yet; instead, 0 is passed.

Compatibility with the one-argument qHash(T) implementation is kept
through a catch-all template.

[1] http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf
[2] http://perldoc.perl.org/perlsec.html#Algorithmic-Complexity-Attacks
[3] http://www.ocert.org/advisories/ocert-2011-003.html

Task-number: QTBUG-23529
Change-Id: I1d0a84899476d134db455418c8043a349a7e5317
Reviewed-by: João Abecasis <joao.abecasis@nokia.com>
2012-04-04 13:02:58 +02:00
Jason McDonald
5635823e17 Remove "All rights reserved" line from license headers.
As in the past, to avoid rewriting various autotests that contain
line-number information, an extra blank line has been inserted at the
end of the license text to ensure that this commit does not change the
total number of lines in the license header.

Change-Id: I311e001373776812699d6efc045b5f742890c689
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2012-01-30 03:54:59 +01:00
Jason McDonald
629d6eda5c Update contact information in license headers.
Replace Nokia contact email address with Qt Project website.

Change-Id: I431bbbf76d7c27d8b502f87947675c116994c415
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2012-01-23 04:04:33 +01:00
Jason McDonald
1fdfc2abfe Update copyright year in license headers.
Change-Id: I02f2c620296fcd91d4967d58767ea33fc4e1e7dc
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2012-01-05 06:36:56 +01:00
Jason McDonald
e3640d1bdd Remove TESTED_CLASS/TESTED_FILES comments from tests.
These comments were mostly empty or inaccurate.  Appropriate naming of
tests and appropriate placement of tests within the directory tree
provide more reliable indicators of what is being tested.

Change-Id: Ib6bf373d9e79917e4ab1417ee5c1264a2c2d7027
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-12-06 02:19:25 +01:00
Jason McDonald
75b66dc8b0 Cleanup corelib autotests
Remove references to the old bug tracker.  The data from the old bug
tracker is no longer accessible, so these markers are meaningless.

Change-Id: Ib9d029d52b70fd0a512b9532d65f03763eabfe57
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-11-30 07:49:32 +01:00
Jason McDonald
d8ac62c6ec Restore commented-out code in QHash test.
The restored code verifies the following statement in the documentation
of QHash::find():

"If the hash contains no item with the key, the function returns end()."

It is not clear why the code was commented-out in the first place, as
this occurred before the tests were imported into the Qt repository in
2006.

Change-Id: I745393a8e3e728fc60009da07abd038a3d56e99c
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-11-21 08:30:22 +01:00
Jason McDonald
578e6d6834 Cleanup corelib autotests
Remove various disabled and/or non-helpful debugging code.

Any test diagnostics that are useful should be part of the regular test
output, as the CI system cannot switch on commented-out code when there
is a test failure.  Diagnostics should also be informative -- simply
printing the value of a variable with no other information about what is
being printed (or why it is being printed) is not informative.

Change-Id: I21a6c2121be86001bb57e80f426507b6e619ee9e
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-11-14 07:33:57 +01:00
Jason McDonald
94fc875079 Cleanup corelib autotests
Tidy the autotest .pro files.  Most autotest .pro files should look like
this:

CONFIG += testcase
TARGET = tst_something
QT = core testlib
SOURCES = tst_something.cpp

Change-Id: I877c2194e9fa9dd13478d117895e1e255a948ad7
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-11-11 02:45:05 +01:00
Jason McDonald
8e11f7c93a Cleanup corelib autotests
Remove literal tabs.

Change-Id: I210a0259773cceb20d35ebc80b889e3ebb88b540
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-11-10 04:42:45 +01:00
Jason McDonald
e8f7fccf22 Cleanup corelib autotests
Remove redundant empty constructors, destructors and test functions.

Change-Id: Idb51368895e67ec3fc0345a9a5d33d77730c051b
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-11-07 13:26:41 +01:00
Jason McDonald
665c9390d0 Remove tests for API that never made it into Qt.
Change-Id: If78d82abfb4ff3402eb8f36729bacc3c4d343d0c
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-10-31 06:59:24 +01:00
Rohan McGovern
07102cebde corelib: eliminated usage of qttest_p4.prf
qttest_p4.prf was added as a convenience for Qt's own autotests in Qt4.
It enables various crufty undocumented magic, of dubious value.
Stop using it, and explicitly enable the things from it which we want.

Change-Id: I7c1ffe9c8c294dbdc988e1582e580b1ed3f4593e
Reviewed-by: Jason McDonald <jason.mcdonald@nokia.com>
2011-10-25 05:03:08 +02:00
Bradley T. Hughes
992a37234c Don't crash by modifying read-only shared_null
Functions that modify the d-pointer must detach or otherwise take
measures to not modify the const, read-only shared_null.

The setSharable(bool) function takes care to detach when setting
sharable to false, but should avoid setting the sharable data member
unless d is not the shared null.

Similarly, QMap<Key, T>::setInsertInOrder() needs to detach if it is
shared with the shared_null (the logic has been updated to be the same
as setSharable()).

Change-Id: Ida5cb9818b86695f1b9f0264418b955c56424898
Reviewed-on: http://codereview.qt-project.org/5929
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Bradley T. Hughes <bradley.hughes@nokia.com>
Reviewed-by: Jan-Arve Sæther <jan-arve.saether@nokia.com>
2011-10-04 11:21:25 +02:00
Jason McDonald
95cebd34eb Remove Symbian-specific code from tests.
Symbian is not a supported platform for Qt5, so this code is no longer
required.

Change-Id: I1172e6a42d518490e63e9599bf10579df08259aa
Reviewed-on: http://codereview.qt-project.org/5657
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-09-29 06:41:42 +02:00
Holger Ihrig
5c27f0a2fb Moving relevant tests to corelib/tools
Task-number: QTBUG-21066

Change-Id: I650f8f7826b9feea7c1484f06e03e10c68ec2b65
Reviewed-on: http://codereview.qt.nokia.com/3712
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com>
2011-09-01 13:07:23 +02:00