diff options
author | Michael Adam <obnox@samba.org> | 2013-03-15 12:34:01 +0100 |
---|---|---|
committer | Michael Adam <obnox@samba.org> | 2014-12-13 01:21:02 +0100 |
commit | 308305d82754087f856abd8725b6930ea0676cd7 (patch) | |
tree | b55290aaed17ab4bb232cbdbdf019319c9066603 | |
parent | ab6255393d7a983ae3d008f13c1350cf56d32c33 (diff) | |
download | tinyproxy-308305d82754087f856abd8725b6930ea0676cd7.tar.gz tinyproxy-308305d82754087f856abd8725b6930ea0676cd7.zip |
BB#110 secure the hashmaps by adding a seed
Based on a patch provided by gpernot@praksys.org on bugzilla.
Signed-off-by: Michael Adam <obnox@samba.org>
Diffstat (limited to '')
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | src/child.c | 1 | ||||
-rw-r--r-- | src/hashmap.c | 14 |
3 files changed, 11 insertions, 6 deletions
diff --git a/configure.ac b/configure.ac index 14a4d7c..3c162f0 100644 --- a/configure.ac +++ b/configure.ac @@ -205,6 +205,8 @@ AC_CHECK_FUNCS([gethostname inet_ntoa memchr memset select socket strcasecmp \ AC_CHECK_FUNCS([isascii memcpy memmove setrlimit ftruncate regcomp regexec]) AC_CHECK_FUNCS([strlcpy strlcat setgroups]) +AC_CHECK_FUNCS([time rand srand]) + dnl Enable extra warnings DESIRED_FLAGS="-fdiagnostics-show-option -Wall -Wextra -Wno-unused-parameter -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -Wfloat-equal -Wundef -Wformat=2 -Wlogical-op -Wmissing-include-dirs -Wformat-nonliteral -Wold-style-definition -Wpointer-arith -Waggregate-return -Winit-self -Wpacked --std=c89 -ansi -pedantic -Wno-overlength-strings -Wc++-compat -Wno-long-long -Wno-overlength-strings -Wdeclaration-after-statement -Wredundant-decls -Wmissing-noreturn -Wshadow -Wendif-labels -Wcast-qual -Wcast-align -Wwrite-strings -Wp,-D_FORTIFY_SOURCE=2 -fno-common" diff --git a/src/child.c b/src/child.c index fefffa6..2c4dc22 100644 --- a/src/child.c +++ b/src/child.c @@ -200,6 +200,7 @@ static void child_main (struct child_s *ptr) } ptr->connects = 0; + srand(time(NULL)); /* * We have to wait for connections on multiple fds, diff --git a/src/hashmap.c b/src/hashmap.c index 0c911a8..b99f838 100644 --- a/src/hashmap.c +++ b/src/hashmap.c @@ -50,6 +50,7 @@ struct hashbucket_s { }; struct hashmap_s { + uint32_t seed; unsigned int size; hashmap_iter end_iterator; @@ -68,7 +69,7 @@ struct hashmap_s { * * If any of the arguments are invalid a negative number is returned. */ -static int hashfunc (const char *key, unsigned int size) +static int hashfunc (const char *key, unsigned int size, uint32_t seed) { uint32_t hash; @@ -77,7 +78,7 @@ static int hashfunc (const char *key, unsigned int size) if (size == 0) return -ERANGE; - for (hash = 5381; *key != '\0'; key++) { + for (hash = seed; *key != '\0'; key++) { hash = ((hash << 5) + hash) ^ tolower (*key); } @@ -103,6 +104,7 @@ hashmap_t hashmap_create (unsigned int nbuckets) if (!ptr) return NULL; + ptr->seed = (uint32_t)rand(); ptr->size = nbuckets; ptr->buckets = (struct hashbucket_s *) safecalloc (nbuckets, sizeof (struct @@ -200,7 +202,7 @@ hashmap_insert (hashmap_t map, const char *key, const void *data, size_t len) if (!data || len < 1) return -ERANGE; - hash = hashfunc (key, map->size); + hash = hashfunc (key, map->size, map->seed); if (hash < 0) return hash; @@ -381,7 +383,7 @@ ssize_t hashmap_search (hashmap_t map, const char *key) if (map == NULL || key == NULL) return -EINVAL; - hash = hashfunc (key, map->size); + hash = hashfunc (key, map->size, map->seed); if (hash < 0) return hash; @@ -415,7 +417,7 @@ ssize_t hashmap_entry_by_key (hashmap_t map, const char *key, void **data) if (!map || !key || !data) return -EINVAL; - hash = hashfunc (key, map->size); + hash = hashfunc (key, map->size, map->seed); if (hash < 0) return hash; @@ -450,7 +452,7 @@ ssize_t hashmap_remove (hashmap_t map, const char *key) if (map == NULL || key == NULL) return -EINVAL; - hash = hashfunc (key, map->size); + hash = hashfunc (key, map->size, map->seed); if (hash < 0) return hash; |