From 810954014b853b6d826bdb8e3f812071edf5effa Mon Sep 17 00:00:00 2001
From: Vinnie Falco <vinnie.falco@gmail.com>
Date: Fri, 26 Jul 2013 11:34:44 -0700
Subject: [PATCH] Add hardened HashFunction to UnsignedInteger

---
 Builds/VisualStudio2012/Beast.props           |  2 ++
 Builds/VisualStudio2012/beast.vcxproj         | 14 ++++----
 Builds/VisualStudio2012/beast.vcxproj.filters | 12 +++----
 TODO.txt                                      |  2 ++
 modules/beast_basics/beast_basics.cpp         |  2 --
 modules/beast_basics/beast_basics.h           |  1 -
 modules/beast_core/beast_core.cpp             |  1 +
 modules/beast_core/beast_core.h               |  1 +
 .../maths}/beast_MurmurHash.cpp               |  0
 .../maths}/beast_MurmurHash.h                 |  0
 .../beast_crypto/math/beast_UnsignedInteger.h | 36 +++++++++++++++++++
 11 files changed, 55 insertions(+), 16 deletions(-)
 rename modules/{beast_basics/math => beast_core/maths}/beast_MurmurHash.cpp (100%)
 rename modules/{beast_basics/math => beast_core/maths}/beast_MurmurHash.h (100%)

diff --git a/Builds/VisualStudio2012/Beast.props b/Builds/VisualStudio2012/Beast.props
index 4e9ca3e391..1d61359a39 100644
--- a/Builds/VisualStudio2012/Beast.props
+++ b/Builds/VisualStudio2012/Beast.props
@@ -7,6 +7,8 @@
     <ClCompile>
       <WarningLevel>Level4</WarningLevel>
       <PreprocessorDefinitions>_CRTDBG_MAP_ALLOC;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MultiProcessorCompilation>true</MultiProcessorCompilation>
+      <MinimalRebuild>false</MinimalRebuild>
     </ClCompile>
   </ItemDefinitionGroup>
   <ItemGroup />
diff --git a/Builds/VisualStudio2012/beast.vcxproj b/Builds/VisualStudio2012/beast.vcxproj
index 4d97ef0b3d..5a7a76e921 100644
--- a/Builds/VisualStudio2012/beast.vcxproj
+++ b/Builds/VisualStudio2012/beast.vcxproj
@@ -93,7 +93,6 @@
     <ClInclude Include="..\..\modules\beast_basics\events\beast_OncePerSecond.h" />
     <ClInclude Include="..\..\modules\beast_basics\functor\beast_Function.h" />
     <ClInclude Include="..\..\modules\beast_basics\math\beast_Math.h" />
-    <ClInclude Include="..\..\modules\beast_basics\math\beast_MurmurHash.h" />
     <ClInclude Include="..\..\modules\beast_basics\memory\beast_AllocatedBy.h" />
     <ClInclude Include="..\..\modules\beast_basics\memory\beast_FifoFreeStore.h" />
     <ClInclude Include="..\..\modules\beast_basics\memory\beast_FifoFreeStoreWithoutTLS.h" />
@@ -156,6 +155,7 @@
     <ClInclude Include="..\..\modules\beast_core\maths\beast_Expression.h" />
     <ClInclude Include="..\..\modules\beast_core\maths\beast_Interval.h" />
     <ClInclude Include="..\..\modules\beast_core\maths\beast_MathsFunctions.h" />
+    <ClInclude Include="..\..\modules\beast_core\maths\beast_MurmurHash.h" />
     <ClInclude Include="..\..\modules\beast_core\maths\beast_Random.h" />
     <ClInclude Include="..\..\modules\beast_core\maths\beast_Range.h" />
     <ClInclude Include="..\..\modules\beast_core\memory\beast_Atomic.h" />
@@ -302,12 +302,6 @@
       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
     </ClCompile>
-    <ClCompile Include="..\..\modules\beast_basics\math\beast_MurmurHash.cpp">
-      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
-      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
-      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
-      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
-    </ClCompile>
     <ClCompile Include="..\..\modules\beast_basics\memory\beast_FifoFreeStoreWithoutTLS.cpp">
       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
@@ -519,6 +513,12 @@
       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
     </ClCompile>
+    <ClCompile Include="..\..\modules\beast_core\maths\beast_MurmurHash.cpp">
+      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
+      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
+      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
+      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
+    </ClCompile>
     <ClCompile Include="..\..\modules\beast_core\maths\beast_Random.cpp">
       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
diff --git a/Builds/VisualStudio2012/beast.vcxproj.filters b/Builds/VisualStudio2012/beast.vcxproj.filters
index b649d0e21e..afed64c516 100644
--- a/Builds/VisualStudio2012/beast.vcxproj.filters
+++ b/Builds/VisualStudio2012/beast.vcxproj.filters
@@ -503,9 +503,6 @@
     <ClInclude Include="..\..\modules\beast_basics\math\beast_Math.h">
       <Filter>beast_basics\math</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\modules\beast_basics\math\beast_MurmurHash.h">
-      <Filter>beast_basics\math</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\modules\beast_basics\memory\beast_AllocatedBy.h">
       <Filter>beast_basics\memory</Filter>
     </ClInclude>
@@ -734,6 +731,9 @@
     <ClInclude Include="..\..\modules\beast_sqdb\detail\use_type.h">
       <Filter>beast_sqdb\detail</Filter>
     </ClInclude>
+    <ClInclude Include="..\..\modules\beast_core\maths\beast_MurmurHash.h">
+      <Filter>beast_core\maths</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="..\..\modules\beast_core\beast_core.cpp">
@@ -991,9 +991,6 @@
     <ClCompile Include="..\..\modules\beast_basics\events\beast_OncePerSecond.cpp">
       <Filter>beast_basics\events</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\modules\beast_basics\math\beast_MurmurHash.cpp">
-      <Filter>beast_basics\math</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\modules\beast_basics\memory\beast_FifoFreeStoreWithoutTLS.cpp">
       <Filter>beast_basics\memory</Filter>
     </ClCompile>
@@ -1135,6 +1132,9 @@
     <ClCompile Include="..\..\modules\beast_sqdb\source\use_type.cpp">
       <Filter>beast_sqdb\source</Filter>
     </ClCompile>
+    <ClCompile Include="..\..\modules\beast_core\maths\beast_MurmurHash.cpp">
+      <Filter>beast_core\maths</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <Text Include="..\..\TODO.txt" />
diff --git a/TODO.txt b/TODO.txt
index 3849b7bc66..89513ae9a8 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -2,6 +2,8 @@
 BEAST TODO
 --------------------------------------------------------------------------------
 
+- Implement HardenedHashFunctions
+
 - Set sqlite thread safety model to '2' in beast_sqlite
 
 - Document and rename all the sqdb files and classes
diff --git a/modules/beast_basics/beast_basics.cpp b/modules/beast_basics/beast_basics.cpp
index 235c8a004e..aa1a8f8b52 100644
--- a/modules/beast_basics/beast_basics.cpp
+++ b/modules/beast_basics/beast_basics.cpp
@@ -45,8 +45,6 @@ namespace beast
 #include "events/beast_DeadlineTimer.cpp"
 #include "events/beast_OncePerSecond.cpp"
 
-#include "math/beast_MurmurHash.cpp"
-
 #include "threads/beast_InterruptibleThread.cpp"
 #include "threads/beast_Semaphore.cpp"
 #include "memory/beast_FifoFreeStoreWithTLS.cpp"
diff --git a/modules/beast_basics/beast_basics.h b/modules/beast_basics/beast_basics.h
index 6ce25f9bc0..78f59c2f69 100644
--- a/modules/beast_basics/beast_basics.h
+++ b/modules/beast_basics/beast_basics.h
@@ -250,7 +250,6 @@ namespace beast
 #include "events/beast_DeadlineTimer.h"
 #include "events/beast_OncePerSecond.h"
 #include "math/beast_Math.h"
-#include "math/beast_MurmurHash.h"
 #include "memory/beast_AllocatedBy.h"
 #include "memory/beast_PagedFreeStore.h"
 #include "memory/beast_GlobalPagedFreeStore.h"
diff --git a/modules/beast_core/beast_core.cpp b/modules/beast_core/beast_core.cpp
index f2387873fe..ba3982a370 100644
--- a/modules/beast_core/beast_core.cpp
+++ b/modules/beast_core/beast_core.cpp
@@ -166,6 +166,7 @@ namespace beast
 
 #include "maths/beast_BigInteger.cpp"
 #include "maths/beast_Expression.cpp"
+#include "maths/beast_MurmurHash.cpp"
 #include "maths/beast_Random.cpp"
 
 #include "memory/beast_MemoryBlock.cpp"
diff --git a/modules/beast_core/beast_core.h b/modules/beast_core/beast_core.h
index c19c149f27..62be31d08b 100644
--- a/modules/beast_core/beast_core.h
+++ b/modules/beast_core/beast_core.h
@@ -262,6 +262,7 @@ namespace beast
 #include "maths/beast_Expression.h"
 #include "maths/beast_Interval.h"
 #include "maths/beast_MathsFunctions.h"
+#include "maths/beast_MurmurHash.h"
 #include "maths/beast_Random.h"
 #include "maths/beast_Range.h"
 #include "memory/beast_ByteOrder.h"
diff --git a/modules/beast_basics/math/beast_MurmurHash.cpp b/modules/beast_core/maths/beast_MurmurHash.cpp
similarity index 100%
rename from modules/beast_basics/math/beast_MurmurHash.cpp
rename to modules/beast_core/maths/beast_MurmurHash.cpp
diff --git a/modules/beast_basics/math/beast_MurmurHash.h b/modules/beast_core/maths/beast_MurmurHash.h
similarity index 100%
rename from modules/beast_basics/math/beast_MurmurHash.h
rename to modules/beast_core/maths/beast_MurmurHash.h
diff --git a/modules/beast_crypto/math/beast_UnsignedInteger.h b/modules/beast_crypto/math/beast_UnsignedInteger.h
index fc0fa167cb..f8b5204a2a 100644
--- a/modules/beast_crypto/math/beast_UnsignedInteger.h
+++ b/modules/beast_crypto/math/beast_UnsignedInteger.h
@@ -43,6 +43,42 @@ public:
     typedef unsigned char* iterator;
     typedef unsigned char const* const_iterator;
 
+    /** Hardened hash function for use with HashMap.
+
+        The seed is used to make the hash unpredictable. This prevents
+        attackers from exploiting crafted inputs to produce degenerate
+        containers.
+
+        @see HashMap
+    */
+    class HashFunction
+    {
+    public:
+        /** Construct a hash function.
+
+            If a seed is specified it will be used, else a random seed
+            will be generated from the system.
+
+            @param seedToUse An optional seed to use.
+        */
+        explicit HashFunction (int seedToUse = Random::getSystemRandom ().nextInt ())
+            : m_seed (seedToUse)
+        {
+        }
+        
+        /** Generates a simple hash from an UnsignedInteger. */
+        int generateHash (UnsignedInteger <Bytes> const& key, const int upperLimit) const noexcept
+        {
+            uint32 hashCode;
+            Murmur::Hash (key.cbegin (), key.sizeInBytes, m_seed, &hashCode);
+            // Shouldn't produce negative numbers since upperLimit is an int?
+            return static_cast <int> (hashCode % upperLimit);
+        }
+
+    private:
+        int m_seed;
+    };
+
     /** Construct the object.
 
         The values are uninitialized.