summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Adam <obnox@samba.org>2013-03-15 12:34:01 +0100
committerMichael Adam <obnox@samba.org>2014-12-13 01:21:02 +0100
commit308305d82754087f856abd8725b6930ea0676cd7 (patch)
treeb55290aaed17ab4bb232cbdbdf019319c9066603
parentab6255393d7a983ae3d008f13c1350cf56d32c33 (diff)
downloadtinyproxy-308305d82754087f856abd8725b6930ea0676cd7.tar.gz
tinyproxy-308305d82754087f856abd8725b6930ea0676cd7.zip
BB#110 secure the hashmaps by adding a seed
Based on a patch provided by gpernot@praksys.org on bugzilla. Signed-off-by: Michael Adam <obnox@samba.org>
Diffstat (limited to '')
-rw-r--r--configure.ac2
-rw-r--r--src/child.c1
-rw-r--r--src/hashmap.c14
3 files changed, 11 insertions, 6 deletions
diff --git a/configure.ac b/configure.ac
index 14a4d7c..3c162f0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -205,6 +205,8 @@ AC_CHECK_FUNCS([gethostname inet_ntoa memchr memset select socket strcasecmp \
AC_CHECK_FUNCS([isascii memcpy memmove setrlimit ftruncate regcomp regexec])
AC_CHECK_FUNCS([strlcpy strlcat setgroups])
+AC_CHECK_FUNCS([time rand srand])
+
dnl Enable extra warnings
DESIRED_FLAGS="-fdiagnostics-show-option -Wall -Wextra -Wno-unused-parameter -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -Wfloat-equal -Wundef -Wformat=2 -Wlogical-op -Wmissing-include-dirs -Wformat-nonliteral -Wold-style-definition -Wpointer-arith -Waggregate-return -Winit-self -Wpacked --std=c89 -ansi -pedantic -Wno-overlength-strings -Wc++-compat -Wno-long-long -Wno-overlength-strings -Wdeclaration-after-statement -Wredundant-decls -Wmissing-noreturn -Wshadow -Wendif-labels -Wcast-qual -Wcast-align -Wwrite-strings -Wp,-D_FORTIFY_SOURCE=2 -fno-common"
diff --git a/src/child.c b/src/child.c
index fefffa6..2c4dc22 100644
--- a/src/child.c
+++ b/src/child.c
@@ -200,6 +200,7 @@ static void child_main (struct child_s *ptr)
}
ptr->connects = 0;
+ srand(time(NULL));
/*
* We have to wait for connections on multiple fds,
diff --git a/src/hashmap.c b/src/hashmap.c
index 0c911a8..b99f838 100644
--- a/src/hashmap.c
+++ b/src/hashmap.c
@@ -50,6 +50,7 @@ struct hashbucket_s {
};
struct hashmap_s {
+ uint32_t seed;
unsigned int size;
hashmap_iter end_iterator;
@@ -68,7 +69,7 @@ struct hashmap_s {
*
* If any of the arguments are invalid a negative number is returned.
*/
-static int hashfunc (const char *key, unsigned int size)
+static int hashfunc (const char *key, unsigned int size, uint32_t seed)
{
uint32_t hash;
@@ -77,7 +78,7 @@ static int hashfunc (const char *key, unsigned int size)
if (size == 0)
return -ERANGE;
- for (hash = 5381; *key != '\0'; key++) {
+ for (hash = seed; *key != '\0'; key++) {
hash = ((hash << 5) + hash) ^ tolower (*key);
}
@@ -103,6 +104,7 @@ hashmap_t hashmap_create (unsigned int nbuckets)
if (!ptr)
return NULL;
+ ptr->seed = (uint32_t)rand();
ptr->size = nbuckets;
ptr->buckets = (struct hashbucket_s *) safecalloc (nbuckets,
sizeof (struct
@@ -200,7 +202,7 @@ hashmap_insert (hashmap_t map, const char *key, const void *data, size_t len)
if (!data || len < 1)
return -ERANGE;
- hash = hashfunc (key, map->size);
+ hash = hashfunc (key, map->size, map->seed);
if (hash < 0)
return hash;
@@ -381,7 +383,7 @@ ssize_t hashmap_search (hashmap_t map, const char *key)
if (map == NULL || key == NULL)
return -EINVAL;
- hash = hashfunc (key, map->size);
+ hash = hashfunc (key, map->size, map->seed);
if (hash < 0)
return hash;
@@ -415,7 +417,7 @@ ssize_t hashmap_entry_by_key (hashmap_t map, const char *key, void **data)
if (!map || !key || !data)
return -EINVAL;
- hash = hashfunc (key, map->size);
+ hash = hashfunc (key, map->size, map->seed);
if (hash < 0)
return hash;
@@ -450,7 +452,7 @@ ssize_t hashmap_remove (hashmap_t map, const char *key)
if (map == NULL || key == NULL)
return -EINVAL;
- hash = hashfunc (key, map->size);
+ hash = hashfunc (key, map->size, map->seed);
if (hash < 0)
return hash;