summaryrefslogtreecommitdiff
path: root/devel
diff options
context:
space:
mode:
authorspz <spz@pkgsrc.org>2012-02-11 12:44:09 +0000
committerspz <spz@pkgsrc.org>2012-02-11 12:44:09 +0000
commit277d176180ebdc2b8ff04ef7b805bcb8ec744e8d (patch)
tree53506ffe7e9b5dd98b8758737be63a8a828168d5 /devel
parent06fafe34d22f47a441d35f6d49c4d112fb1035e1 (diff)
downloadpkgsrc-277d176180ebdc2b8ff04ef7b805bcb8ec744e8d.tar.gz
fix CVE-2012-0840 with patches taken from the Apache svn
Diffstat (limited to 'devel')
-rw-r--r--devel/apr/Makefile4
-rw-r--r--devel/apr/distinfo4
-rw-r--r--devel/apr/patches/patch-tables_apr__hash.c138
-rw-r--r--devel/apr/patches/patch-test_testhash.c96
4 files changed, 239 insertions, 3 deletions
diff --git a/devel/apr/Makefile b/devel/apr/Makefile
index ba1d1e03c6b..dd81949509d 100644
--- a/devel/apr/Makefile
+++ b/devel/apr/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.67 2011/12/02 07:13:28 sbd Exp $
+# $NetBSD: Makefile,v 1.68 2012/02/11 12:44:09 spz Exp $
DISTNAME= apr-1.4.5
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_APACHE:=apr/}
EXTRACT_SUFX= .tar.bz2
diff --git a/devel/apr/distinfo b/devel/apr/distinfo
index cc01c1b8434..d53db4044f9 100644
--- a/devel/apr/distinfo
+++ b/devel/apr/distinfo
@@ -1,7 +1,9 @@
-$NetBSD: distinfo,v 1.33 2011/11/19 21:16:22 alnsn Exp $
+$NetBSD: distinfo,v 1.34 2012/02/11 12:44:09 spz Exp $
SHA1 (apr-1.4.5.tar.bz2) = 517de5e3cc1e3be810d9bc95508ab66bb8ebe7cb
RMD160 (apr-1.4.5.tar.bz2) = d2a966c1b143416cd3655cf849cb5d3cb1ca2c5f
Size (apr-1.4.5.tar.bz2) = 754763 bytes
SHA1 (patch-atomic_unix_ia32.c) = c51d5810ceb8438b04d7945a476fef96ea57a76a
+SHA1 (patch-tables_apr__hash.c) = 6ef340a7c36d54134fd41e0da9e6739b24897e32
SHA1 (patch-test_testatomic.c) = 0905b0001e0d06b9c96beb1c32ee9ce9382f233f
+SHA1 (patch-test_testhash.c) = 4233874557009e99d00436401be0b9793603978e
diff --git a/devel/apr/patches/patch-tables_apr__hash.c b/devel/apr/patches/patch-tables_apr__hash.c
new file mode 100644
index 00000000000..54140120274
--- /dev/null
+++ b/devel/apr/patches/patch-tables_apr__hash.c
@@ -0,0 +1,138 @@
+$NetBSD: patch-tables_apr__hash.c,v 1.1 2012/02/11 12:44:09 spz Exp $
+
+http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/tables/apr_hash.c
+revision 1237547:
+Randomise hashes by providing a seed (initial hash value).
+
+--- tables/apr_hash.c.orig 2010-01-19 21:39:11.000000000 +0000
++++ tables/apr_hash.c
+@@ -18,6 +18,7 @@
+
+ #include "apr_general.h"
+ #include "apr_pools.h"
++#include "apr_time.h"
+
+ #include "apr_hash.h"
+
+@@ -75,7 +76,7 @@ struct apr_hash_t {
+ apr_pool_t *pool;
+ apr_hash_entry_t **array;
+ apr_hash_index_t iterator; /* For apr_hash_first(NULL, ...) */
+- unsigned int count, max;
++ unsigned int count, max, seed;
+ apr_hashfunc_t hash_func;
+ apr_hash_entry_t *free; /* List of recycled entries */
+ };
+@@ -95,13 +96,18 @@ static apr_hash_entry_t **alloc_array(ap
+ APR_DECLARE(apr_hash_t *) apr_hash_make(apr_pool_t *pool)
+ {
+ apr_hash_t *ht;
++ apr_time_t now = apr_time_now();
++
+ ht = apr_palloc(pool, sizeof(apr_hash_t));
+ ht->pool = pool;
+ ht->free = NULL;
+ ht->count = 0;
+ ht->max = INITIAL_MAX;
++ ht->seed = (unsigned int)((now >> 32) ^ now ^ (apr_uintptr_t)pool ^
++ (apr_uintptr_t)ht ^ (apr_uintptr_t)&now) - 1;
+ ht->array = alloc_array(ht, ht->max);
+- ht->hash_func = apr_hashfunc_default;
++ ht->hash_func = NULL;
++
+ return ht;
+ }
+
+@@ -178,10 +184,9 @@ static void expand_array(apr_hash_t *ht)
+ ht->max = new_max;
+ }
+
+-APR_DECLARE_NONSTD(unsigned int) apr_hashfunc_default(const char *char_key,
+- apr_ssize_t *klen)
++static unsigned int hashfunc_default(const char *char_key, apr_ssize_t *klen,
++ unsigned int hash)
+ {
+- unsigned int hash = 0;
+ const unsigned char *key = (const unsigned char *)char_key;
+ const unsigned char *p;
+ apr_ssize_t i;
+@@ -223,7 +228,7 @@ APR_DECLARE_NONSTD(unsigned int) apr_has
+ *
+ * -- Ralf S. Engelschall <rse@engelschall.com>
+ */
+-
++
+ if (*klen == APR_HASH_KEY_STRING) {
+ for (p = key; *p; p++) {
+ hash = hash * 33 + *p;
+@@ -239,6 +244,11 @@ APR_DECLARE_NONSTD(unsigned int) apr_has
+ return hash;
+ }
+
++APR_DECLARE_NONSTD(unsigned int) apr_hashfunc_default(const char *char_key,
++ apr_ssize_t *klen)
++{
++ return hashfunc_default(char_key, klen, 0);
++}
+
+ /*
+ * This is where we keep the details of the hash function and control
+@@ -257,7 +267,10 @@ static apr_hash_entry_t **find_entry(apr
+ apr_hash_entry_t **hep, *he;
+ unsigned int hash;
+
+- hash = ht->hash_func(key, &klen);
++ if (ht->hash_func)
++ hash = ht->hash_func(key, &klen);
++ else
++ hash = hashfunc_default(key, &klen, ht->seed);
+
+ /* scan linked list */
+ for (hep = &ht->array[hash & ht->max], he = *hep;
+@@ -299,6 +312,7 @@ APR_DECLARE(apr_hash_t *) apr_hash_copy(
+ ht->free = NULL;
+ ht->count = orig->count;
+ ht->max = orig->max;
++ ht->seed = orig->seed;
+ ht->hash_func = orig->hash_func;
+ ht->array = (apr_hash_entry_t **)((char *)ht + sizeof(apr_hash_t));
+
+@@ -396,7 +410,7 @@ APR_DECLARE(apr_hash_t *) apr_hash_merge
+ apr_hash_entry_t *new_vals = NULL;
+ apr_hash_entry_t *iter;
+ apr_hash_entry_t *ent;
+- unsigned int i,j,k;
++ unsigned int i, j, k, hash;
+
+ #if APR_POOL_DEBUG
+ /* we don't copy keys and values, so it's necessary that
+@@ -424,6 +438,7 @@ APR_DECLARE(apr_hash_t *) apr_hash_merge
+ if (base->count + overlay->count > res->max) {
+ res->max = res->max * 2 + 1;
+ }
++ res->seed = base->seed;
+ res->array = alloc_array(res, res->max);
+ if (base->count + overlay->count) {
+ new_vals = apr_palloc(p, sizeof(apr_hash_entry_t) *
+@@ -445,7 +460,11 @@ APR_DECLARE(apr_hash_t *) apr_hash_merge
+
+ for (k = 0; k <= overlay->max; k++) {
+ for (iter = overlay->array[k]; iter; iter = iter->next) {
+- i = iter->hash & res->max;
++ if (res->hash_func)
++ hash = res->hash_func(iter->key, &iter->klen);
++ else
++ hash = hashfunc_default(iter->key, &iter->klen, res->seed);
++ i = hash & res->max;
+ for (ent = res->array[i]; ent; ent = ent->next) {
+ if ((ent->klen == iter->klen) &&
+ (memcmp(ent->key, iter->key, iter->klen) == 0)) {
+@@ -463,7 +482,7 @@ APR_DECLARE(apr_hash_t *) apr_hash_merge
+ new_vals[j].klen = iter->klen;
+ new_vals[j].key = iter->key;
+ new_vals[j].val = iter->val;
+- new_vals[j].hash = iter->hash;
++ new_vals[j].hash = hash;
+ new_vals[j].next = res->array[i];
+ res->array[i] = &new_vals[j];
+ res->count++;
diff --git a/devel/apr/patches/patch-test_testhash.c b/devel/apr/patches/patch-test_testhash.c
new file mode 100644
index 00000000000..1497b19dd54
--- /dev/null
+++ b/devel/apr/patches/patch-test_testhash.c
@@ -0,0 +1,96 @@
+$NetBSD: patch-test_testhash.c,v 1.1 2012/02/11 12:44:09 spz Exp $
+
+http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/test/testhash.c
+revision 1237547:
+Randomise hashes by providing a seed (initial hash value).
+
+--- test/testhash.c.orig 2007-11-01 23:01:06.000000000 +0000
++++ test/testhash.c
+@@ -437,6 +437,79 @@ static void overlay_same(abts_case *tc,
+ ABTS_STR_EQUAL(tc, "#entries 5\n", StrArray[5]);
+ }
+
++static void overlay_fetch(abts_case *tc, void *data)
++{
++ apr_hash_t *base = NULL;
++ apr_hash_t *overlay = NULL;
++ apr_hash_t *result = NULL;
++ int count;
++
++ base = apr_hash_make(p);
++ overlay = apr_hash_make(p);
++ ABTS_PTR_NOTNULL(tc, base);
++ ABTS_PTR_NOTNULL(tc, overlay);
++
++ apr_hash_set(base, "base1", APR_HASH_KEY_STRING, "value1");
++ apr_hash_set(base, "base2", APR_HASH_KEY_STRING, "value2");
++ apr_hash_set(base, "base3", APR_HASH_KEY_STRING, "value3");
++ apr_hash_set(base, "base4", APR_HASH_KEY_STRING, "value4");
++ apr_hash_set(base, "base5", APR_HASH_KEY_STRING, "value5");
++
++ apr_hash_set(overlay, "overlay1", APR_HASH_KEY_STRING, "value1");
++ apr_hash_set(overlay, "overlay2", APR_HASH_KEY_STRING, "value2");
++ apr_hash_set(overlay, "overlay3", APR_HASH_KEY_STRING, "value3");
++ apr_hash_set(overlay, "overlay4", APR_HASH_KEY_STRING, "value4");
++ apr_hash_set(overlay, "overlay5", APR_HASH_KEY_STRING, "value5");
++
++ result = apr_hash_overlay(p, overlay, base);
++
++ count = apr_hash_count(result);
++ ABTS_INT_EQUAL(tc, 10, count);
++
++ ABTS_STR_EQUAL(tc, "value1",
++ apr_hash_get(result, "base1", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value2",
++ apr_hash_get(result, "base2", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value3",
++ apr_hash_get(result, "base3", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value4",
++ apr_hash_get(result, "base4", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value5",
++ apr_hash_get(result, "base5", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value1",
++ apr_hash_get(result, "overlay1", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value2",
++ apr_hash_get(result, "overlay2", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value3",
++ apr_hash_get(result, "overlay3", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value4",
++ apr_hash_get(result, "overlay4", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value5",
++ apr_hash_get(result, "overlay5", APR_HASH_KEY_STRING));
++
++ ABTS_STR_EQUAL(tc, "value1",
++ apr_hash_get(base, "base1", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value2",
++ apr_hash_get(base, "base2", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value3",
++ apr_hash_get(base, "base3", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value4",
++ apr_hash_get(base, "base4", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value5",
++ apr_hash_get(base, "base5", APR_HASH_KEY_STRING));
++
++ ABTS_STR_EQUAL(tc, "value1",
++ apr_hash_get(overlay, "overlay1", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value2",
++ apr_hash_get(overlay, "overlay2", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value3",
++ apr_hash_get(overlay, "overlay3", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value4",
++ apr_hash_get(overlay, "overlay4", APR_HASH_KEY_STRING));
++ ABTS_STR_EQUAL(tc, "value5",
++ apr_hash_get(overlay, "overlay5", APR_HASH_KEY_STRING));
++}
++
+ abts_suite *testhash(abts_suite *suite)
+ {
+ suite = ADD_SUITE(suite)
+@@ -460,6 +533,7 @@ abts_suite *testhash(abts_suite *suite)
+ abts_run_test(suite, overlay_empty, NULL);
+ abts_run_test(suite, overlay_2unique, NULL);
+ abts_run_test(suite, overlay_same, NULL);
++ abts_run_test(suite, overlay_fetch, NULL);
+
+ return suite;
+ }