BB#110 secure the hashmaps by adding a seed

Based on a patch provided by gpernot@praksys.org on bugzilla.

Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 308305d827)
This commit is contained in:
Michael Adam 2013-03-15 12:34:01 +01:00
parent 132a32a68d
commit 8845bdbff7
3 changed files with 11 additions and 6 deletions

View File

@ -205,6 +205,8 @@ AC_CHECK_FUNCS([gethostname inet_ntoa memchr memset select socket strcasecmp \
AC_CHECK_FUNCS([isascii memcpy memmove setrlimit ftruncate regcomp regexec]) AC_CHECK_FUNCS([isascii memcpy memmove setrlimit ftruncate regcomp regexec])
AC_CHECK_FUNCS([strlcpy strlcat setgroups]) AC_CHECK_FUNCS([strlcpy strlcat setgroups])
AC_CHECK_FUNCS([time rand srand])
dnl Enable extra warnings dnl Enable extra warnings
DESIRED_FLAGS="-fdiagnostics-show-option -Wall -Wextra -Wno-unused-parameter -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -Wfloat-equal -Wundef -Wformat=2 -Wlogical-op -Wmissing-include-dirs -Wformat-nonliteral -Wold-style-definition -Wpointer-arith -Waggregate-return -Winit-self -Wpacked --std=c89 -ansi -pedantic -Wc++-compat -Wno-long-long -Wno-overlength-strings -Wdeclaration-after-statement -Wredundant-decls -Wmissing-noreturn -Wshadow -Wendif-labels -Wcast-qual -Wcast-align -Wwrite-strings -Wp,-D_FORTIFY_SOURCE=2 -fno-common" DESIRED_FLAGS="-fdiagnostics-show-option -Wall -Wextra -Wno-unused-parameter -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -Wfloat-equal -Wundef -Wformat=2 -Wlogical-op -Wmissing-include-dirs -Wformat-nonliteral -Wold-style-definition -Wpointer-arith -Waggregate-return -Winit-self -Wpacked --std=c89 -ansi -pedantic -Wc++-compat -Wno-long-long -Wno-overlength-strings -Wdeclaration-after-statement -Wredundant-decls -Wmissing-noreturn -Wshadow -Wendif-labels -Wcast-qual -Wcast-align -Wwrite-strings -Wp,-D_FORTIFY_SOURCE=2 -fno-common"

View File

@ -200,6 +200,7 @@ static void child_main (struct child_s *ptr)
} }
ptr->connects = 0; ptr->connects = 0;
srand(time(NULL));
/* /*
* We have to wait for connections on multiple fds, * We have to wait for connections on multiple fds,

View File

@ -50,6 +50,7 @@ struct hashbucket_s {
}; };
struct hashmap_s { struct hashmap_s {
uint32_t seed;
unsigned int size; unsigned int size;
hashmap_iter end_iterator; hashmap_iter end_iterator;
@ -68,7 +69,7 @@ struct hashmap_s {
* *
* If any of the arguments are invalid a negative number is returned. * If any of the arguments are invalid a negative number is returned.
*/ */
static int hashfunc (const char *key, unsigned int size) static int hashfunc (const char *key, unsigned int size, uint32_t seed)
{ {
uint32_t hash; uint32_t hash;
@ -77,7 +78,7 @@ static int hashfunc (const char *key, unsigned int size)
if (size == 0) if (size == 0)
return -ERANGE; return -ERANGE;
for (hash = 5381; *key != '\0'; key++) { for (hash = seed; *key != '\0'; key++) {
hash = ((hash << 5) + hash) ^ tolower (*key); hash = ((hash << 5) + hash) ^ tolower (*key);
} }
@ -103,6 +104,7 @@ hashmap_t hashmap_create (unsigned int nbuckets)
if (!ptr) if (!ptr)
return NULL; return NULL;
ptr->seed = (uint32_t)rand();
ptr->size = nbuckets; ptr->size = nbuckets;
ptr->buckets = (struct hashbucket_s *) safecalloc (nbuckets, ptr->buckets = (struct hashbucket_s *) safecalloc (nbuckets,
sizeof (struct sizeof (struct
@ -200,7 +202,7 @@ hashmap_insert (hashmap_t map, const char *key, const void *data, size_t len)
if (!data || len < 1) if (!data || len < 1)
return -ERANGE; return -ERANGE;
hash = hashfunc (key, map->size); hash = hashfunc (key, map->size, map->seed);
if (hash < 0) if (hash < 0)
return hash; return hash;
@ -381,7 +383,7 @@ ssize_t hashmap_search (hashmap_t map, const char *key)
if (map == NULL || key == NULL) if (map == NULL || key == NULL)
return -EINVAL; return -EINVAL;
hash = hashfunc (key, map->size); hash = hashfunc (key, map->size, map->seed);
if (hash < 0) if (hash < 0)
return hash; return hash;
@ -415,7 +417,7 @@ ssize_t hashmap_entry_by_key (hashmap_t map, const char *key, void **data)
if (!map || !key || !data) if (!map || !key || !data)
return -EINVAL; return -EINVAL;
hash = hashfunc (key, map->size); hash = hashfunc (key, map->size, map->seed);
if (hash < 0) if (hash < 0)
return hash; return hash;
@ -450,7 +452,7 @@ ssize_t hashmap_remove (hashmap_t map, const char *key)
if (map == NULL || key == NULL) if (map == NULL || key == NULL)
return -EINVAL; return -EINVAL;
hash = hashfunc (key, map->size); hash = hashfunc (key, map->size, map->seed);
if (hash < 0) if (hash < 0)
return hash; return hash;