[wpinet] WebSocket: Mutex-protect static random device/engine (#8741)

wpinet/src/main/native/cpp/WebSocket.cpp

@@ -21,6 +21,7 @@
 #include "wpi/util/SmallString.hpp"
 #include "wpi/util/SmallVector.hpp"
 #include "wpi/util/StringExtras.hpp"
+#include "wpi/util/mutex.hpp"
 #include "wpi/util/print.hpp"
 #include "wpi/util/raw_ostream.hpp"
 #include "wpi/util/sha1.hpp"
@@ -117,10 +118,14 @@ class WebSocket::ClientHandshakeData {
     // key is a random nonce
     static std::random_device rd;
     static std::default_random_engine gen{rd()};
+    static wpi::util::mutex genMutex;
     std::uniform_int_distribution<unsigned int> dist(0, 255);
     char nonce[16];  // the nonce sent to the server
-    for (char& v : nonce) {
-      v = static_cast<char>(dist(gen));
+    {
+      std::scoped_lock lock{genMutex};
+      for (char& v : nonce) {
+        v = static_cast<char>(dist(gen));
+      }
     }
     wpi::util::raw_svector_ostream os(key);
     wpi::util::Base64Encode(os, {nonce, 16});

wpinet/src/main/native/cpp/WebSocketSerializer.cpp

@@ -6,6 +6,8 @@
 
 #include <random>
 
+#include "wpi/util/mutex.hpp"
+
 using namespace wpi::net::detail;
 
 static constexpr uint8_t FLAG_MASKING = 0x80;
@@ -63,10 +65,14 @@ size_t SerializedFrames::AddClientFrame(const WebSocket::Frame& frame) {
   // generate masking key
   static std::random_device rd;
   static std::default_random_engine gen{rd()};
+  static wpi::util::mutex genMutex;
   std::uniform_int_distribution<unsigned int> dist(0, 255);
   uint8_t key[4];
-  for (uint8_t& v : key) {
-    v = dist(gen);
+  {
+    std::scoped_lock lock{genMutex};
+    for (uint8_t& v : key) {
+      v = dist(gen);
+    }
   }
   std::memcpy(internalBuf, key, 4);
   internalBuf += 4;