diff options
author | Nico Golde <nion@debian.org> | 2012-02-22 11:17:27 +0000 |
---|---|---|
committer | Aron Xu <aron@debian.org> | 2012-07-19 16:45:38 +0800 |
commit | a370387923a411402251600cb2263ae82e4d1d77 (patch) | |
tree | 7a49f5ca576e2b584b77a46c3e6e4f5de7fbe4eb | |
parent | fef97a28ac259798dc22448e58f482f5f4b205c7 (diff) | |
download | libxml2-a370387923a411402251600cb2263ae82e4d1d77.tar.gz |
Imported Debian patch 2.7.8.dfsg-2+squeeze3debian/2.7.8.dfsg-2+squeeze3
-rw-r--r-- | Makefile.in | 8 | ||||
-rw-r--r-- | config.h.in | 9 | ||||
-rwxr-xr-x | configure | 24 | ||||
-rw-r--r-- | configure.in | 1 | ||||
-rw-r--r-- | debian/changelog | 8 | ||||
-rw-r--r-- | dict.c | 81 | ||||
-rw-r--r-- | doc/Makefile.in | 4 | ||||
-rw-r--r-- | doc/devhelp/Makefile.in | 4 | ||||
-rw-r--r-- | doc/examples/Makefile.in | 4 | ||||
-rw-r--r-- | example/Makefile.in | 4 | ||||
-rw-r--r-- | hash.c | 38 | ||||
-rw-r--r-- | include/Makefile.in | 4 | ||||
-rw-r--r-- | include/libxml/Makefile.in | 4 | ||||
-rw-r--r-- | python/tests/Makefile.in | 4 | ||||
-rw-r--r-- | xstc/Makefile.in | 4 |
15 files changed, 150 insertions, 51 deletions
diff --git a/Makefile.in b/Makefile.in index 280063a..8e6a59f 100644 --- a/Makefile.in +++ b/Makefile.in @@ -612,15 +612,15 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \ - $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \ + echo ' cd $(srcdir) && $(AUTOMAKE) --gnu'; \ + $(am__cd) $(srcdir) && $(AUTOMAKE) --gnu \ && exit 0; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign Makefile + $(AUTOMAKE) --gnu Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff --git a/config.h.in b/config.h.in index d60f362..ce07e61 100644 --- a/config.h.in +++ b/config.h.in @@ -145,6 +145,9 @@ /* Define if <pthread.h> is there */ #undef HAVE_PTHREAD_H +/* Define to 1 if you have the `rand' function. */ +#undef HAVE_RAND + /* Define to 1 if you have the <resolv.h> header file. */ #undef HAVE_RESOLV_H @@ -163,6 +166,9 @@ /* Define to 1 if you have the `sprintf' function. */ #undef HAVE_SPRINTF +/* Define to 1 if you have the `srand' function. */ +#undef HAVE_SRAND + /* Define to 1 if you have the `sscanf' function. */ #undef HAVE_SSCANF @@ -225,6 +231,9 @@ /* Define to 1 if you have the <sys/types.h> header file. */ #undef HAVE_SYS_TYPES_H +/* Define to 1 if you have the `time' function. */ +#undef HAVE_TIME + /* Define to 1 if you have the <time.h> header file. */ #undef HAVE_TIME_H @@ -12663,6 +12663,18 @@ _ACEOF fi done +for ac_func in rand srand time +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + for ac_func in printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf do : @@ -12909,7 +12921,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for type of socket length (socklen_t)" >&5 $as_echo_n "checking for type of socket length (socklen_t)... " >&6; } cat > conftest.$ac_ext <<EOF -#line 12912 "configure" +#line 12924 "configure" #include "confdefs.h" #include <stddef.h> @@ -12920,7 +12932,7 @@ int main(void) { (void)getsockopt (1, 1, 1, NULL, (socklen_t *)NULL) ; return 0; } EOF -if { (eval echo configure:12923: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then +if { (eval echo configure:12935: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then rm -rf conftest* { $as_echo "$as_me:${as_lineno-$LINENO}: result: socklen_t *" >&5 @@ -12932,7 +12944,7 @@ else rm -rf conftest* cat > conftest.$ac_ext <<EOF -#line 12935 "configure" +#line 12947 "configure" #include "confdefs.h" #include <stddef.h> @@ -12943,7 +12955,7 @@ int main(void) { (void)getsockopt (1, 1, 1, NULL, (size_t *)NULL) ; return 0; } EOF -if { (eval echo configure:12946: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then +if { (eval echo configure:12958: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then rm -rf conftest* { $as_echo "$as_me:${as_lineno-$LINENO}: result: size_t *" >&5 @@ -12955,7 +12967,7 @@ else rm -rf conftest* cat > conftest.$ac_ext <<EOF -#line 12958 "configure" +#line 12970 "configure" #include "confdefs.h" #include <stddef.h> @@ -12966,7 +12978,7 @@ int main(void) { (void)getsockopt (1, 1, 1, NULL, (int *)NULL) ; return 0; } EOF -if { (eval echo configure:12969: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then +if { (eval echo configure:12981: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then rm -rf conftest* { $as_echo "$as_me:${as_lineno-$LINENO}: result: int *" >&5 diff --git a/configure.in b/configure.in index e33a7b8..bb70ea2 100644 --- a/configure.in +++ b/configure.in @@ -477,6 +477,7 @@ AC_CHECK_FUNCS(strdup strndup strerror) AC_CHECK_FUNCS(finite isnand fp_class class fpclass) AC_CHECK_FUNCS(strftime localtime gettimeofday ftime) AC_CHECK_FUNCS(stat _stat signal) +AC_CHECK_FUNCS(rand srand time) dnl Checking the standard string functions availability AC_CHECK_FUNCS(printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf,, diff --git a/debian/changelog b/debian/changelog index 6d34076..a2de08d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +libxml2 (2.7.8.dfsg-2+squeeze3) stable-security; urgency=high + + * Non-maintainer upload by the Security Team. + * Apply upstream patch to add randomization to hashing with large + dictionaries to mitigate hash DoS (CVE-2012-0841; Closes: #660846). + + -- Nico Golde <nion@debian.org> Wed, 22 Feb 2012 11:17:27 +0000 + libxml2 (2.7.8.dfsg-2+squeeze2) stable-security; urgency=high * Security update. @@ -2,7 +2,7 @@ * dict.c: dictionary of reusable strings, just used to avoid allocation * and freeing operations. * - * Copyright (C) 2003 Daniel Veillard. + * Copyright (C) 2003-2012 Daniel Veillard. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -19,6 +19,28 @@ #define IN_LIBXML #include "libxml.h" +#ifdef HAVE_STDLIB_H +#include <stdlib.h> +#endif +#ifdef HAVE_TIME_H +#include <time.h> +#endif + +/* + * Following http://www.ocert.org/advisories/ocert-2011-003.html + * it seems that having hash randomization might be a good idea + * when using XML with untrusted data + * Note1: that it works correctly only if compiled with WITH_BIG_KEY + * which is the default. + * Note2: the fast function used for a small dict won't protect very + * well but since the attack is based on growing a very big hash + * list we will use the BigKey algo as soon as the hash size grows + * over MIN_DICT_SIZE so this actually works + */ +#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME) +#define DICT_RANDOMIZATION +#endif + #include <string.h> #ifdef HAVE_STDINT_H #include <stdint.h> @@ -44,23 +66,23 @@ typedef unsigned __int32 uint32_t; #define WITH_BIG_KEY #ifdef WITH_BIG_KEY -#define xmlDictComputeKey(dict, name, len) \ - (((dict)->size == MIN_DICT_SIZE) ? \ - xmlDictComputeFastKey(name, len) : \ - xmlDictComputeBigKey(name, len)) - -#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ - (((prefix) == NULL) ? \ - (xmlDictComputeKey(dict, name, len)) : \ - (((dict)->size == MIN_DICT_SIZE) ? \ - xmlDictComputeFastQKey(prefix, plen, name, len) : \ - xmlDictComputeBigQKey(prefix, plen, name, len))) +#define xmlDictComputeKey(dict, name, len) \ + (((dict)->size == MIN_DICT_SIZE) ? \ + xmlDictComputeFastKey(name, len, (dict)->seed) : \ + xmlDictComputeBigKey(name, len, (dict)->seed)) + +#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ + (((prefix) == NULL) ? \ + (xmlDictComputeKey(dict, name, len)) : \ + (((dict)->size == MIN_DICT_SIZE) ? \ + xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) : \ + xmlDictComputeBigQKey(prefix, plen, name, len, (dict)->seed))) #else /* !WITH_BIG_KEY */ -#define xmlDictComputeKey(dict, name, len) \ - xmlDictComputeFastKey(name, len) -#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ - xmlDictComputeFastQKey(prefix, plen, name, len) +#define xmlDictComputeKey(dict, name, len) \ + xmlDictComputeFastKey(name, len, (dict)->seed) +#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ + xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) #endif /* WITH_BIG_KEY */ /* @@ -98,6 +120,8 @@ struct _xmlDict { xmlDictStringsPtr strings; struct _xmlDict *subdict; + /* used for randomization */ + int seed; }; /* @@ -125,6 +149,9 @@ static int xmlInitializeDict(void) { if ((xmlDictMutex = xmlNewRMutex()) == NULL) return(0); +#ifdef DICT_RANDOMIZATION + srand(time(NULL)); +#endif xmlDictInitialized = 1; return(1); } @@ -277,13 +304,13 @@ found_pool: */ static uint32_t -xmlDictComputeBigKey(const xmlChar* data, int namelen) { +xmlDictComputeBigKey(const xmlChar* data, int namelen, int seed) { uint32_t hash; int i; if (namelen <= 0 || data == NULL) return(0); - hash = 0; + hash = seed; for (i = 0;i < namelen; i++) { hash += data[i]; @@ -310,12 +337,12 @@ xmlDictComputeBigKey(const xmlChar* data, int namelen) { */ static unsigned long xmlDictComputeBigQKey(const xmlChar *prefix, int plen, - const xmlChar *name, int len) + const xmlChar *name, int len, int seed) { uint32_t hash; int i; - hash = 0; + hash = seed; for (i = 0;i < plen; i++) { hash += prefix[i]; @@ -346,8 +373,8 @@ xmlDictComputeBigQKey(const xmlChar *prefix, int plen, * for low hash table fill. */ static unsigned long -xmlDictComputeFastKey(const xmlChar *name, int namelen) { - unsigned long value = 0L; +xmlDictComputeFastKey(const xmlChar *name, int namelen, int seed) { + unsigned long value = seed; if (name == NULL) return(0); value = *name; @@ -381,9 +408,9 @@ xmlDictComputeFastKey(const xmlChar *name, int namelen) { */ static unsigned long xmlDictComputeFastQKey(const xmlChar *prefix, int plen, - const xmlChar *name, int len) + const xmlChar *name, int len, int seed) { - unsigned long value = 0L; + unsigned long value = (unsigned long) seed; if (plen == 0) value += 30 * (unsigned long) ':'; @@ -460,6 +487,11 @@ xmlDictCreate(void) { dict->subdict = NULL; if (dict->dict) { memset(dict->dict, 0, MIN_DICT_SIZE * sizeof(xmlDictEntry)); +#ifdef DICT_RANDOMIZATION + dict->seed = rand(); +#else + dict->seed = 0; +#endif return(dict); } xmlFree(dict); @@ -486,6 +518,7 @@ xmlDictCreateSub(xmlDictPtr sub) { #ifdef DICT_DEBUG_PATTERNS fprintf(stderr, "R"); #endif + dict->seed = sub->seed; dict->subdict = sub; xmlDictReference(dict->subdict); } diff --git a/doc/Makefile.in b/doc/Makefile.in index adfdaa5..3729efa 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -376,9 +376,9 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign doc/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign doc/Makefile + $(AUTOMAKE) --gnu doc/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff --git a/doc/devhelp/Makefile.in b/doc/devhelp/Makefile.in index 1206894..91f1192 100644 --- a/doc/devhelp/Makefile.in +++ b/doc/devhelp/Makefile.in @@ -344,9 +344,9 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign doc/devhelp/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/devhelp/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign doc/devhelp/Makefile + $(AUTOMAKE) --gnu doc/devhelp/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff --git a/doc/examples/Makefile.in b/doc/examples/Makefile.in index e1e7084..c00e800 100644 --- a/doc/examples/Makefile.in +++ b/doc/examples/Makefile.in @@ -459,9 +459,9 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign doc/examples/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/examples/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign doc/examples/Makefile + $(AUTOMAKE) --gnu doc/examples/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff --git a/example/Makefile.in b/example/Makefile.in index 56d1765..3e40cf5 100644 --- a/example/Makefile.in +++ b/example/Makefile.in @@ -318,9 +318,9 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign example/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu example/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign example/Makefile + $(AUTOMAKE) --gnu example/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -3,7 +3,7 @@ * * Reference: Your favorite introductory book on algorithms * - * Copyright (C) 2000 Bjorn Reese and Daniel Veillard. + * Copyright (C) 2000,2012 Bjorn Reese and Daniel Veillard. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -21,6 +21,22 @@ #include "libxml.h" #include <string.h> +#ifdef HAVE_STDLIB_H +#include <stdlib.h> +#endif +#ifdef HAVE_TIME_H +#include <time.h> +#endif + +/* + * Following http://www.ocert.org/advisories/ocert-2011-003.html + * it seems that having hash randomization might be a good idea + * when using XML with untrusted data + */ +#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME) +#define HASH_RANDOMIZATION +#endif + #include <libxml/parser.h> #include <libxml/hash.h> #include <libxml/xmlmemory.h> @@ -31,6 +47,10 @@ /* #define DEBUG_GROW */ +#ifdef HASH_RANDOMIZATION +static int hash_initialized = 0; +#endif + /* * A single entry in the hash table */ @@ -53,6 +73,9 @@ struct _xmlHashTable { int size; int nbElems; xmlDictPtr dict; +#ifdef HASH_RANDOMIZATION + int random_seed; +#endif }; /* @@ -65,6 +88,9 @@ xmlHashComputeKey(xmlHashTablePtr table, const xmlChar *name, unsigned long value = 0L; char ch; +#ifdef HASH_RANDOMIZATION + value = table->random_seed; +#endif if (name != NULL) { value += 30 * (*name); while ((ch = *name++) != 0) { @@ -92,6 +118,9 @@ xmlHashComputeQKey(xmlHashTablePtr table, unsigned long value = 0L; char ch; +#ifdef HASH_RANDOMIZATION + value = table->random_seed; +#endif if (prefix != NULL) value += 30 * (*prefix); else @@ -156,6 +185,13 @@ xmlHashCreate(int size) { table->table = xmlMalloc(size * sizeof(xmlHashEntry)); if (table->table) { memset(table->table, 0, size * sizeof(xmlHashEntry)); +#ifdef HASH_RANDOMIZATION + if (!hash_initialized) { + srand(time(NULL)); + hash_initialized = 1; + } + table->random_seed = rand(); +#endif return(table); } xmlFree(table); diff --git a/include/Makefile.in b/include/Makefile.in index 4898b2a..e8c7ffc 100644 --- a/include/Makefile.in +++ b/include/Makefile.in @@ -327,9 +327,9 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu include/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign include/Makefile + $(AUTOMAKE) --gnu include/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff --git a/include/libxml/Makefile.in b/include/libxml/Makefile.in index 6b5709c..eca0a6a 100644 --- a/include/libxml/Makefile.in +++ b/include/libxml/Makefile.in @@ -363,9 +363,9 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/libxml/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu include/libxml/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign include/libxml/Makefile + $(AUTOMAKE) --gnu include/libxml/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff --git a/python/tests/Makefile.in b/python/tests/Makefile.in index d6c8fc3..bfa5678 100644 --- a/python/tests/Makefile.in +++ b/python/tests/Makefile.in @@ -366,9 +366,9 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign python/tests/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu python/tests/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign python/tests/Makefile + $(AUTOMAKE) --gnu python/tests/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff --git a/xstc/Makefile.in b/xstc/Makefile.in index 2f5f6c0..25da025 100644 --- a/xstc/Makefile.in +++ b/xstc/Makefile.in @@ -308,9 +308,9 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign xstc/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu xstc/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign xstc/Makefile + $(AUTOMAKE) --gnu xstc/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ |