diff options
author | android-build-team Robot <android-build-team-robot@google.com> | 2019-02-11 15:37:23 -0800 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2019-02-11 15:37:23 -0800 |
commit | 872c0530cc735846b0ef8ef00082800744940f4c (patch) | |
tree | 1fc465374879a38ef7b2a0d8e7af92f70dabf810 | |
parent | 95e290af7dd2dd8441d9c0d7a0fbee7b9d0dfc38 (diff) | |
parent | 1247de9a57c1d9b9b9f4c2d2b81e5806b6c6ef3d (diff) | |
download | cpython2-pie-gsi.tar.gz |
Snap for 5180536 from 38dedefe66680a4ff865ef5a33e1725e53fb3abb to pi-platform-releasepie-gsi
am: 1247de9a57
Change-Id: I92d5649f45f5a846eaf0aba7fe025dfdddb87195
-rw-r--r-- | Modules/expat/xmlparse.c | 59 |
1 files changed, 47 insertions, 12 deletions
diff --git a/Modules/expat/xmlparse.c b/Modules/expat/xmlparse.c index 412838794d..3f0939e88d 100644 --- a/Modules/expat/xmlparse.c +++ b/Modules/expat/xmlparse.c @@ -2,6 +2,20 @@ See the file COPYING for copying permission. */ +#include <stddef.h> +#include <stdint.h> +#include <string.h> /* memset(), memcpy() */ +#include <assert.h> +#include <limits.h> /* UINT_MAX */ + +#ifdef COMPILED_FROM_DSP +#define getpid GetCurrentProcessId +#else +#include <sys/time.h> /* gettimeofday() */ +#include <sys/types.h> /* getpid() */ +#include <unistd.h> /* getpid() */ +#endif + #define XML_BUILDING_EXPAT 1 #ifdef COMPILED_FROM_DSP @@ -16,12 +30,6 @@ #include <expat_config.h> #endif /* ndef COMPILED_FROM_DSP */ -#include <stddef.h> -#include <string.h> /* memset(), memcpy() */ -#include <assert.h> -#include <limits.h> /* UINT_MAX */ -#include <time.h> /* time() */ - #include "ascii.h" #include "expat.h" @@ -432,7 +440,7 @@ static ELEMENT_TYPE * getElementType(XML_Parser parser, const ENCODING *enc, const char *ptr, const char *end); -static unsigned long generate_hash_secret_salt(void); +static unsigned long generate_hash_secret_salt(XML_Parser parser); static XML_Bool startParsing(XML_Parser parser); static XML_Parser @@ -691,11 +699,38 @@ static const XML_Char implicitContext[] = { }; static unsigned long -generate_hash_secret_salt(void) +gather_time_entropy(void) +{ +#ifdef COMPILED_FROM_DSP + FILETIME ft; + GetSystemTimeAsFileTime(&ft); /* never fails */ + return ft.dwHighDateTime ^ ft.dwLowDateTime; +#else + struct timeval tv; + int gettimeofday_res; + + gettimeofday_res = gettimeofday(&tv, NULL); + assert (gettimeofday_res == 0); + + /* Microseconds time is <20 bits entropy */ + return tv.tv_usec; +#endif +} + +static unsigned long +generate_hash_secret_salt(XML_Parser parser) { - unsigned int seed = time(NULL) % UINT_MAX; - srand(seed); - return rand(); + /* Process ID is 0 bits entropy if attacker has local access + * XML_Parser address is few bits of entropy if attacker has local access */ + const unsigned long entropy = + gather_time_entropy() ^ getpid() ^ (uintptr_t)parser; + + /* Factors are 2^31-1 and 2^61-1 (Mersenne primes M31 and M61) */ + if (sizeof(unsigned long) == 4) { + return entropy * 2147483647; + } else { + return entropy * 2305843009213693951; + } } static XML_Bool /* only valid for root parser */ @@ -703,7 +738,7 @@ startParsing(XML_Parser parser) { /* hash functions must be initialized before setContext() is called */ if (hash_secret_salt == 0) - hash_secret_salt = generate_hash_secret_salt(); + hash_secret_salt = generate_hash_secret_salt(parser); if (ns) { /* implicit context only set for root parser, since child parsers (i.e. external entity parsers) will inherit it |