[webkit-changes] [264316] trunk/Source/WebKit

Mon, 13 Jul 2020 14:08:23 -0700

Title: [264316] trunk/Source/WebKit
Revision
264316
Author
katherine_che...@apple.com
Date
2020-07-13 14:07:55 -0700 (Mon, 13 Jul 2020)

Log Message

Followup to bug 213143: Add artificial delay to WebSocket connections to mitigate port scanning attacks
https://bugs.webkit.org/show_bug.cgi?id=213143

Reviewed by Darin Adler.

Convert min and max millisecond values from double/int to Seconds.

No new tests, behavior should not change.

* NetworkProcess/NetworkSocketStream.cpp:
(WebKit::randomDelay):

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (264315 => 264316)


--- trunk/Source/WebKit/ChangeLog	2020-07-13 20:43:08 UTC (rev 264315)
+++ trunk/Source/WebKit/ChangeLog	2020-07-13 21:07:55 UTC (rev 264316)
@@ -1,3 +1,17 @@
+2020-07-13  Kate Cheney  <katherine_che...@apple.com>
+
+        Followup to bug 213143: Add artificial delay to WebSocket connections to mitigate port scanning attacks
+        https://bugs.webkit.org/show_bug.cgi?id=213143
+
+        Reviewed by Darin Adler.
+
+        Convert min and max millisecond values from double/int to Seconds.
+
+        No new tests, behavior should not change.
+
+        * NetworkProcess/NetworkSocketStream.cpp:
+        (WebKit::randomDelay):
+
 2020-07-13  Eric Carlson  <eric.carl...@apple.com>
 
         Impossible to pause playback of MediaStream video track

Modified: trunk/Source/WebKit/NetworkProcess/NetworkSocketStream.cpp (264315 => 264316)


--- trunk/Source/WebKit/NetworkProcess/NetworkSocketStream.cpp	2020-07-13 20:43:08 UTC (rev 264315)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSocketStream.cpp	2020-07-13 21:07:55 UTC (rev 264316)
@@ -102,13 +102,13 @@
     send(Messages::WebSocketStream::DidUpdateBufferedAmount(amount));
 }
 
-static const auto delayMaxMilliseconds = 100;
-static const double delayMinMilliseconds = 10;
-static const auto closedPortErrorCode = 61;
+static constexpr auto delayMax = 100_ms;
+static constexpr auto delayMin = 10_ms;
+static constexpr auto closedPortErrorCode = 61;
 
 static Seconds randomDelay()
 {
-    return Seconds::fromMilliseconds(delayMinMilliseconds + static_cast<double>(cryptographicallyRandomNumber() % delayMaxMilliseconds));
+    return delayMin + Seconds::fromMilliseconds(static_cast<double>(cryptographicallyRandomNumber())) % delayMax;
 }
 
 void NetworkSocketStream::sendDelayedFailMessage()

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to