Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/libxml2/patches/19.CVE-2012-0841.patch
branchs11-update
changeset 2452 9dc4dfa4b04d
parent 2451 f54396da08ea
child 2454 82b8521a2f38 
--- a/components/libxml2/patches/19.CVE-2012-0841.patch	Wed Dec 19 02:21:27 2012 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,294 +0,0 @@
-This patch copied/pasted from this link:
-http://git.gnome.org/browse/libxml2/patch/?id=8973d58b7498fa5100a876815476b81fd1a2412a
-----------------------------------------------------------------------
-From 8973d58b7498fa5100a876815476b81fd1a2412a Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Sat, 04 Feb 2012 11:07:44 +0000
-Subject: Add hash randomization to hash and dict structures
-
-Following http://www.ocert.org/advisories/ocert-2011-003.html
-it seems that having hash randomization might be a good idea
-when using XML with untrusted data
-* configure.in: lookup for rand, srand and time
-* dict.c: add randomization to dictionaries hash tables
-* hash.c: add randomization to normal hash tables
----
-diff --git a/configure.in b/configure.in
-index fa80375..828b66a 100644
---- a/configure.in
-+++ b/configure.in
-@@ -512,6 +512,7 @@ AC_CHECK_FUNCS(strdup strndup strerror)
- AC_CHECK_FUNCS(finite isnand fp_class class fpclass)
- AC_CHECK_FUNCS(strftime localtime gettimeofday ftime)
- AC_CHECK_FUNCS(stat _stat signal)
-+AC_CHECK_FUNCS(rand srand time)
- 
- dnl Checking the standard string functions availability
- AC_CHECK_FUNCS(printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf,,
-diff --git a/dict.c b/dict.c
-index 3eff231..ae4966b 100644
---- a/dict.c
-+++ b/dict.c
-@@ -2,7 +2,7 @@
-  * dict.c: dictionary of reusable strings, just used to avoid allocation
-  *         and freeing operations.
-  *
-- * Copyright (C) 2003 Daniel Veillard.
-+ * Copyright (C) 2003-2012 Daniel Veillard.
-  *
-  * Permission to use, copy, modify, and distribute this software for any
-  * purpose with or without fee is hereby granted, provided that the above
-@@ -19,6 +19,28 @@
- #define IN_LIBXML
- #include "libxml.h"
- 
-+#ifdef HAVE_STDLIB_H
-+#include <stdlib.h>
-+#endif
-+#ifdef HAVE_TIME_H
-+#include <time.h>
-+#endif
-+
-+/*
-+ * Following http://www.ocert.org/advisories/ocert-2011-003.html
-+ * it seems that having hash randomization might be a good idea
-+ * when using XML with untrusted data
-+ * Note1: that it works correctly only if compiled with WITH_BIG_KEY
-+ *  which is the default.
-+ * Note2: the fast function used for a small dict won't protect very
-+ *  well but since the attack is based on growing a very big hash
-+ *  list we will use the BigKey algo as soon as the hash size grows
-+ *  over MIN_DICT_SIZE so this actually works
-+ */
-+#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME)
-+#define DICT_RANDOMIZATION
-+#endif
-+
- #include <string.h>
- #ifdef HAVE_STDINT_H
- #include <stdint.h>
-@@ -44,23 +66,23 @@ typedef unsigned __int32 uint32_t;
- #define WITH_BIG_KEY
- 
- #ifdef WITH_BIG_KEY
--#define xmlDictComputeKey(dict, name, len)			\
--    (((dict)->size == MIN_DICT_SIZE) ?				\
--     xmlDictComputeFastKey(name, len) :				\
--     xmlDictComputeBigKey(name, len))
--
--#define xmlDictComputeQKey(dict, prefix, plen, name, len)	\
--    (((prefix) == NULL) ?					\
--      (xmlDictComputeKey(dict, name, len)) :			\
--      (((dict)->size == MIN_DICT_SIZE) ?			\
--       xmlDictComputeFastQKey(prefix, plen, name, len) :	\
--       xmlDictComputeBigQKey(prefix, plen, name, len)))
-+#define xmlDictComputeKey(dict, name, len)                              \
-+    (((dict)->size == MIN_DICT_SIZE) ?                                  \
-+     xmlDictComputeFastKey(name, len, (dict)->seed) :                   \
-+     xmlDictComputeBigKey(name, len, (dict)->seed))
-+
-+#define xmlDictComputeQKey(dict, prefix, plen, name, len)               \
-+    (((prefix) == NULL) ?                                               \
-+      (xmlDictComputeKey(dict, name, len)) :                             \
-+      (((dict)->size == MIN_DICT_SIZE) ?                                \
-+       xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) :	\
-+       xmlDictComputeBigQKey(prefix, plen, name, len, (dict)->seed)))
- 
- #else /* !WITH_BIG_KEY */
--#define xmlDictComputeKey(dict, name, len)			\
--        xmlDictComputeFastKey(name, len)
--#define xmlDictComputeQKey(dict, prefix, plen, name, len)	\
--        xmlDictComputeFastQKey(prefix, plen, name, len)
-+#define xmlDictComputeKey(dict, name, len)                              \
-+        xmlDictComputeFastKey(name, len, (dict)->seed)
-+#define xmlDictComputeQKey(dict, prefix, plen, name, len)               \
-+        xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed)
- #endif /* WITH_BIG_KEY */
- 
- /*
-@@ -98,6 +120,8 @@ struct _xmlDict {
-     xmlDictStringsPtr strings;
- 
-     struct _xmlDict *subdict;
-+    /* used for randomization */
-+    int seed;
- };
- 
- /*
-@@ -125,6 +149,9 @@ static int xmlInitializeDict(void) {
-     if ((xmlDictMutex = xmlNewRMutex()) == NULL)
-         return(0);
- 
-+#ifdef DICT_RANDOMIZATION
-+    srand(time(NULL));
-+#endif
-     xmlDictInitialized = 1;
-     return(1);
- }
-@@ -277,13 +304,13 @@ found_pool:
-  */
- 
- static uint32_t
--xmlDictComputeBigKey(const xmlChar* data, int namelen) {
-+xmlDictComputeBigKey(const xmlChar* data, int namelen, int seed) {
-     uint32_t hash;
-     int i;
- 
-     if (namelen <= 0 || data == NULL) return(0);
- 
--    hash = 0;
-+    hash = seed;
- 
-     for (i = 0;i < namelen; i++) {
-         hash += data[i];
-@@ -310,12 +337,12 @@ xmlDictComputeBigKey(const xmlChar* data, int namelen) {
-  */
- static unsigned long
- xmlDictComputeBigQKey(const xmlChar *prefix, int plen,
--                      const xmlChar *name, int len)
-+                      const xmlChar *name, int len, int seed)
- {
-     uint32_t hash;
-     int i;
- 
--    hash = 0;
-+    hash = seed;
- 
-     for (i = 0;i < plen; i++) {
-         hash += prefix[i];
-@@ -346,8 +373,8 @@ xmlDictComputeBigQKey(const xmlChar *prefix, int plen,
-  * for low hash table fill.
-  */
- static unsigned long
--xmlDictComputeFastKey(const xmlChar *name, int namelen) {
--    unsigned long value = 0L;
-+xmlDictComputeFastKey(const xmlChar *name, int namelen, int seed) {
-+    unsigned long value = seed;
- 
-     if (name == NULL) return(0);
-     value = *name;
-@@ -381,9 +408,9 @@ xmlDictComputeFastKey(const xmlChar *name, int namelen) {
-  */
- static unsigned long
- xmlDictComputeFastQKey(const xmlChar *prefix, int plen,
--                       const xmlChar *name, int len)
-+                       const xmlChar *name, int len, int seed)
- {
--    unsigned long value = 0L;
-+    unsigned long value = (unsigned long) seed;
- 
-     if (plen == 0)
- 	value += 30 * (unsigned long) ':';
-@@ -460,6 +487,11 @@ xmlDictCreate(void) {
- 	dict->subdict = NULL;
-         if (dict->dict) {
- 	    memset(dict->dict, 0, MIN_DICT_SIZE * sizeof(xmlDictEntry));
-+#ifdef DICT_RANDOMIZATION
-+            dict->seed = rand();
-+#else
-+            dict->seed = 0;
-+#endif
- 	    return(dict);
-         }
-         xmlFree(dict);
-@@ -486,6 +518,7 @@ xmlDictCreateSub(xmlDictPtr sub) {
- #ifdef DICT_DEBUG_PATTERNS
-         fprintf(stderr, "R");
- #endif
-+        dict->seed = sub->seed;
-         dict->subdict = sub;
- 	xmlDictReference(dict->subdict);
-     }
-diff --git a/hash.c b/hash.c
-index b78bc2d..fe1424f 100644
---- a/hash.c
-+++ b/hash.c
-@@ -3,7 +3,7 @@
-  *
-  * Reference: Your favorite introductory book on algorithms
-  *
-- * Copyright (C) 2000 Bjorn Reese and Daniel Veillard.
-+ * Copyright (C) 2000,2012 Bjorn Reese and Daniel Veillard.
-  *
-  * Permission to use, copy, modify, and distribute this software for any
-  * purpose with or without fee is hereby granted, provided that the above
-@@ -21,6 +21,22 @@
- #include "libxml.h"
- 
- #include <string.h>
-+#ifdef HAVE_STDLIB_H
-+#include <stdlib.h>
-+#endif
-+#ifdef HAVE_TIME_H
-+#include <time.h>
-+#endif
-+
-+/*
-+ * Following http://www.ocert.org/advisories/ocert-2011-003.html
-+ * it seems that having hash randomization might be a good idea
-+ * when using XML with untrusted data
-+ */
-+#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME)
-+#define HASH_RANDOMIZATION
-+#endif
-+
- #include <libxml/parser.h>
- #include <libxml/hash.h>
- #include <libxml/xmlmemory.h>
-@@ -31,6 +47,10 @@
- 
- /* #define DEBUG_GROW */
- 
-+#ifdef HASH_RANDOMIZATION
-+static int hash_initialized = 0;
-+#endif
-+
- /*
-  * A single entry in the hash table
-  */
-@@ -53,6 +73,9 @@ struct _xmlHashTable {
-     int size;
-     int nbElems;
-     xmlDictPtr dict;
-+#ifdef HASH_RANDOMIZATION
-+    int random_seed;
-+#endif
- };
- 
- /*
-@@ -65,6 +88,9 @@ xmlHashComputeKey(xmlHashTablePtr table, const xmlChar *name,
-     unsigned long value = 0L;
-     char ch;
-     
-+#ifdef HASH_RANDOMIZATION
-+    value = table->random_seed;
-+#endif
-     if (name != NULL) {
- 	value += 30 * (*name);
- 	while ((ch = *name++) != 0) {
-@@ -92,6 +118,9 @@ xmlHashComputeQKey(xmlHashTablePtr table,
-     unsigned long value = 0L;
-     char ch;
-     
-+#ifdef HASH_RANDOMIZATION
-+    value = table->random_seed;
-+#endif
-     if (prefix != NULL)
- 	value += 30 * (*prefix);
-     else
-@@ -156,6 +185,13 @@ xmlHashCreate(int size) {
-         table->table = xmlMalloc(size * sizeof(xmlHashEntry));
-         if (table->table) {
-   	    memset(table->table, 0, size * sizeof(xmlHashEntry));
-+#ifdef HASH_RANDOMIZATION
-+            if (!hash_initialized) {
-+                srand(time(NULL));
-+                hash_initialized = 1;
-+            }
-+            table->random_seed = rand();
-+#endif
-   	    return(table);
-         }
-         xmlFree(table);
---
-cgit v0.9.0.2
upstream/oracle/userland-gate