Diffstat (limited to 'textproc/libxml2/patches/patch-CVE-2012-0841-ab')
-rw-r--r-- | textproc/libxml2/patches/patch-CVE-2012-0841-ab | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/textproc/libxml2/patches/patch-CVE-2012-0841-ab b/textproc/libxml2/patches/patch-CVE-2012-0841-ab
new file mode 100644
index 00000000000..548c9242dfc
--- /dev/null
+++ b/textproc/libxml2/patches/patch-CVE-2012-0841-ab
@@ -0,0 +1,93 @@
+$NetBSD: patch-CVE-2012-0841-ab,v 1.1 2012/03/09 12:12:28 drochner Exp $
+
+patch 8973d58b7498fa5100a876815476b81fd1a2412a
+
+--- hash.c.orig 2010-10-12 06:25:32.000000000 +0000
++++ hash.c
+@@ -3,7 +3,7 @@
+ *
+ * Reference: Your favorite introductory book on algorithms
+ *
+- * Copyright (C) 2000 Bjorn Reese and Daniel Veillard.
++ * Copyright (C) 2000,2012 Bjorn Reese and Daniel Veillard.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+@@ -21,6 +21,22 @@
+ #include "libxml.h"
+
+ #include <string.h>
++#ifdef HAVE_STDLIB_H
++#include <stdlib.h>
++#endif
++#ifdef HAVE_TIME_H
++#include <time.h>
++#endif
++
++/*
++ * Following http://www.ocert.org/advisories/ocert-2011-003.html
++ * it seems that having hash randomization might be a good idea
++ * when using XML with untrusted data
++ */
++#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME)
++#define HASH_RANDOMIZATION
++#endif
++
+ #include <libxml/parser.h>
+ #include <libxml/hash.h>
+ #include <libxml/xmlmemory.h>
+@@ -31,6 +47,10 @@
+
+ /* #define DEBUG_GROW */
+
++#ifdef HASH_RANDOMIZATION
++static int hash_initialized = 0;
++#endif
++
+ /*
+ * A single entry in the hash table
+ */
+@@ -53,6 +73,9 @@ struct _xmlHashTable {
+ int size;
+ int nbElems;
+ xmlDictPtr dict;
++#ifdef HASH_RANDOMIZATION
++ int random_seed;
++#endif
+ };
+
+ /*
+@@ -65,6 +88,9 @@ xmlHashComputeKey(xmlHashTablePtr table,
+ unsigned long value = 0L;
+ char ch;
+
++#ifdef HASH_RANDOMIZATION
++ value = table->random_seed;
++#endif
+ if (name != NULL) {
+ value += 30 * (*name);
+ while ((ch = *name++) != 0) {
+@@ -92,6 +118,9 @@ xmlHashComputeQKey(xmlHashTablePtr table
+ unsigned long value = 0L;
+ char ch;
+
++#ifdef HASH_RANDOMIZATION
++ value = table->random_seed;
++#endif
+ if (prefix != NULL)
+ value += 30 * (*prefix);
+ else
+@@ -156,6 +185,13 @@ xmlHashCreate(int size) {
+ table->table = 
xmlMalloc(size * sizeof(xmlHashEntry));
+ if (table->table) {
+ memset(table->table, 0, size * sizeof(xmlHashEntry));
++#ifdef HASH_RANDOMIZATION
++ if (!hash_initialized) {
++ srand(time(NULL));
++ hash_initialized = 1;
++ }
++ table->random_seed = rand();
++#endif
+ return(table);
+ }
+ xmlFree(table); |
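Review bot: The seeding added in the xmlHashCreate hunk (`srand(time(NULL));` followed by `table->random_seed = rand();`) derives every table seed from a one-second wall-clock value, so the seed is only as unpredictable as the process start time, which limits the protection against the collision flooding described in the oCERT advisory the patch cites. Calling `srand()` from library code also resets the host application's own `rand()` sequence, and `hash_initialized` is tested and set without any lock, so two threads creating their first table concurrently race on it. I would keep the generator state private to the library and initialise it once under a lock, for example `table->random_seed = rand_r(&hash_seed);` with `hash_seed` taken from an OS entropy source where configure finds one and from `time(NULL)` only as a fallback. The `value = table->random_seed;` lines in xmlHashComputeKey and xmlHashComputeQKey also deserve a short comment such as `/* seed is fixed at xmlHashCreate(); changing it later would orphan existing entries */`. xmlHashCreate and both key functions begin and end outside their hunks, so whether other code paths construct a table without setting `random_seed` cannot be checked from here.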