From c13b61f07ec1a83cdf766c19fbb7d3059cef61c2 Mon Sep 17 00:00:00 2001
From: Dmitry Chestnykh
Date: Sat, 30 Jan 2016 09:02:02 +0100
Subject: [PATCH] Use CSPRNG to generate objectIds
---
 RestWrite.js | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/RestWrite.js b/RestWrite.js
index 6e63a324a3..418e077bd5 100644
--- a/RestWrite.js
+++ b/RestWrite.js
@@ -2,6 +2,7 @@
 // that writes to the database.
 // This could be either a "create" or an "update".
+var crypto = require('crypto');
 var deepcopy = require('deepcopy');
 var rack = require('hat').rack();
@@ -702,15 +703,18 @@ RestWrite.prototype.objectId = function() {
 return this.data.objectId || this.query.objectId;
 };
-// Returns a string that's usable as an object id.
-// Probably unique. Good enough? Probably!
+// Returns a unique string that's usable as an object id.
 function newObjectId() {
 var chars = ('ABCDEFGHIJKLMNOPQRSTUVWXYZ' + 'abcdefghijklmnopqrstuvwxyz' + '0123456789');
 var objectId = '';
- for (var i = 0; i < 10; ++i) {
- objectId += chars[Math.floor(Math.random() * chars.length)];
+ var bytes = crypto.randomBytes(10);
+ for (var i = 0; i < bytes.length; ++i) {
+ // Note: there is a slight modulo bias, because chars length
+ // of 62 doesn't divide the number of all bytes (256) evenly.
+ // It is acceptable for our purposes.
+ objectId += chars[bytes.readUInt8(i) % chars.length];
 }
 return objectId;
 }
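Review bot: The rewritten header comment on newObjectId() in the second hunk promises "a unique string", but the body only draws 10 random characters from a 62-symbol alphabet (just under 60 bits), so uniqueness is probabilistic rather than guaranteed. I would word it as `// Returns a random 10-character alphanumeric id drawn from the CSPRNG; collisions are unlikely but possible.` and leave duplicate handling to whatever inserts the id, which this hunk does not show. The modulo-bias note could also state the size of the skew: 256 % 62 = 8, so the first eight characters ('A'–'H') are chosen with probability 5/256 and the rest with 4/256. If these ids are ever relied on as unguessable tokens, discarding bytes >= 248 before the modulo would remove the skew.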