LineageOS/android_external_json-c
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Patch to address the following issues:

Browse Source 
* CVE-2013-6371: hash collision denial of service
* CVE-2013-6370: buffer overflow if size_t is larger than int
This commit is contained in:
Michael Clark
2014-04-09 13:48:21 +08:00
parent 784534a31f
commit 64e36901a0
11 changed files with 691 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Makefile.am
View File

@@ -23,7 +23,8 @@ libjson_cinclude_HEADERS = \
json_tokener.h \ json_tokener.h \
json_util.h \ json_util.h \
linkhash.h \ linkhash.h \
printbuf.h printbuf.h \
random_seed.h
#libjsonx_includedir = $(libdir)/json-c-@VERSION@ #libjsonx_includedir = $(libdir)/json-c-@VERSION@
# #
@@ -41,7 +42,8 @@ libjson_c_la_SOURCES = \
json_tokener.c \ json_tokener.c \
json_util.c \ json_util.c \
linkhash.c \ linkhash.c \
printbuf.c printbuf.c \
random_seed.c
distclean-local: distclean-local:

2
Makefile.am.inc
View File

@@ -1,2 +1,2 @@
AM_CFLAGS = -Wall -Werror -Wextra -Wwrite-strings -Wno-unused-parameter -std=gnu99 -D_GNU_SOURCE -D_REENTRANT AM_CFLAGS = -Wall -Werror -Wno-error=deprecated-declarations -Wextra -Wwrite-strings -Wno-unused-parameter -std=gnu99 -D_GNU_SOURCE -D_REENTRANT

6
config.h.in
View File

@@ -1,5 +1,8 @@
/* config.h.in. Generated from configure.ac by autoheader. */ /* config.h.in. Generated from configure.ac by autoheader. */
/* Enable RDRANR Hardware RNG Hash Seed */
#undef ENABLE_RDRAND
/* Define if .gnu.warning accepts long strings. */ /* Define if .gnu.warning accepts long strings. */
#undef HAS_GNU_WARNING_LONG #undef HAS_GNU_WARNING_LONG
@@ -32,6 +35,9 @@
/* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */ /* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */
#undef HAVE_DOPRNT #undef HAVE_DOPRNT
/* Define to 1 if you have the <endian.h> header file. */
#undef HAVE_ENDIAN_H
/* Define to 1 if you have the <fcntl.h> header file. */ /* Define to 1 if you have the <fcntl.h> header file. */
#undef HAVE_FCNTL_H #undef HAVE_FCNTL_H

16
configure.ac
View File

@@ -7,6 +7,20 @@ AM_INIT_AUTOMAKE
AC_PROG_MAKE_SET AC_PROG_MAKE_SET
AC_ARG_ENABLE(rdrand,
AS_HELP_STRING([--enable-rdrand],
[Enable RDRAND Hardware RNG Hash Seed generation on supported x86/x64 platforms.]),
[if test x$enableval = xyes; then
enable_rdrand=yes
AC_DEFINE(ENABLE_RDRAND, 1, [Enable RDRANR Hardware RNG Hash Seed])
fi])
if test "x$enable_rdrand" = "xyes"; then
AC_MSG_RESULT([RDRAND Hardware RNG Hash Seed enabled on supported x86/x64 platforms])
else
AC_MSG_RESULT([RDRAND Hardware RNG Hash Seed disabled. Use --enable-rdrand to enable])
fi
# Checks for programs. # Checks for programs.
# Checks for libraries. # Checks for libraries.
@@ -16,7 +30,7 @@ AM_PROG_CC_C_O
AC_CONFIG_HEADER(config.h) AC_CONFIG_HEADER(config.h)
AC_CONFIG_HEADER(json_config.h) AC_CONFIG_HEADER(json_config.h)
AC_HEADER_STDC AC_HEADER_STDC
AC_CHECK_HEADERS(fcntl.h limits.h strings.h syslog.h unistd.h [sys/cdefs.h] [sys/param.h] stdarg.h locale.h) AC_CHECK_HEADERS(fcntl.h limits.h strings.h syslog.h unistd.h [sys/cdefs.h] [sys/param.h] stdarg.h locale.h endian.h)
AC_CHECK_HEADER(inttypes.h,[AC_DEFINE([JSON_C_HAVE_INTTYPES_H],[1],[Public define for json_inttypes.h])]) AC_CHECK_HEADER(inttypes.h,[AC_DEFINE([JSON_C_HAVE_INTTYPES_H],[1],[Public define for json_inttypes.h])])
# Checks for typedefs, structures, and compiler characteristics. # Checks for typedefs, structures, and compiler characteristics.

12
json_object.h
View File

@@ -13,6 +13,14 @@
#ifndef _json_object_h_ #ifndef _json_object_h_
#define _json_object_h_ #define _json_object_h_
#ifdef __GNUC__
#define THIS_FUNCTION_IS_DEPRECATED(func) func __attribute__ ((deprecated))
#elif defined(_MSC_VER)
#define THIS_FUNCTION_IS_DEPRECATED(func) __declspec(deprecated) func
#else
#define THIS_FUNCTION_IS_DEPRECATED(func) func
#endif
#include "json_inttypes.h" #include "json_inttypes.h"
#ifdef __cplusplus #ifdef __cplusplus
@@ -279,8 +287,8 @@ extern void json_object_object_add(struct json_object* obj, const char *key,
* @returns the json_object associated with the given field name * @returns the json_object associated with the given field name
* @deprecated Please use json_object_object_get_ex * @deprecated Please use json_object_object_get_ex
*/ */
extern struct json_object* json_object_object_get(struct json_object* obj, THIS_FUNCTION_IS_DEPRECATED(extern struct json_object* json_object_object_get(struct json_object* obj,
const char *key); const char *key));
/** Get the json_object associated with a given object field. /** Get the json_object associated with a given object field.
* *

11
json_tokener.c
View File

@@ -81,6 +81,7 @@ static const char* json_tokener_errors[] = {
"object value separator ',' expected", "object value separator ',' expected",
"invalid string sequence", "invalid string sequence",
"expected comment", "expected comment",
"buffer size overflow"
}; };
const char *json_tokener_error_desc(enum json_tokener_error jerr) const char *json_tokener_error_desc(enum json_tokener_error jerr)
@@ -243,6 +244,16 @@ struct json_object* json_tokener_parse_ex(struct json_tokener *tok,
tok->char_offset = 0; tok->char_offset = 0;
tok->err = json_tokener_success; tok->err = json_tokener_success;
/* this interface is presently not 64-bit clean due to the int len argument
and the internal printbuf interface that takes 32-bit int len arguments
so the function limits the maximum string size to INT32_MAX (2GB).
If the function is called with len == -1 then strlen is called to check
the string length is less than INT32_MAX (2GB) */
if ((len < -1) || (len == -1 && strlen(str) > INT32_MAX)) {
tok->err = json_tokener_error_size;
return NULL;
}
while (PEEK_CHAR(c, tok)) { while (PEEK_CHAR(c, tok)) {
redo_char: redo_char:

8
json_tokener.h
View File

@@ -33,7 +33,8 @@ enum json_tokener_error {
json_tokener_error_parse_object_key_sep, json_tokener_error_parse_object_key_sep,
json_tokener_error_parse_object_value_sep, json_tokener_error_parse_object_value_sep,
json_tokener_error_parse_string, json_tokener_error_parse_string,
json_tokener_error_parse_comment json_tokener_error_parse_comment,
json_tokener_error_size
}; };
enum json_tokener_state { enum json_tokener_state {
@@ -163,6 +164,11 @@ extern void json_tokener_set_flags(struct json_tokener *tok, int flags);
* responsible for calling json_tokener_parse_ex with an appropriate str * responsible for calling json_tokener_parse_ex with an appropriate str
* parameter starting with the extra characters. * parameter starting with the extra characters.
* *
* This interface is presently not 64-bit clean due to the int len argument
* so the function limits the maximum string size to INT32_MAX (2GB).
* If the function is called with len == -1 then strlen is called to check
* the string length is less than INT32_MAX (2GB)
*
* Example: * Example:
* @code * @code
json_object *jobj = NULL; json_object *jobj = NULL;

377
linkhash.c
View File

@@ -17,6 +17,11 @@
#include <stddef.h> #include <stddef.h>
#include <limits.h> #include <limits.h>
#ifdef HAVE_ENDIAN_H
# include <endian.h> /* attempt to define endianness */
#endif
#include "random_seed.h"
#include "linkhash.h" #include "linkhash.h"
void lh_abort(const char *msg, ...) void lh_abort(const char *msg, ...)
@@ -39,14 +44,378 @@ int lh_ptr_equal(const void *k1, const void *k2)
return (k1 == k2); return (k1 == k2);
} }
/*
* hashlittle from lookup3.c, by Bob Jenkins, May 2006, Public Domain.
* http://burtleburtle.net/bob/c/lookup3.c
* minor modifications to make functions static so no symbols are exported
* minor mofifications to compile with -Werror
*/
/*
-------------------------------------------------------------------------------
lookup3.c, by Bob Jenkins, May 2006, Public Domain.
These are functions for producing 32-bit hashes for hash table lookup.
hashword(), hashlittle(), hashlittle2(), hashbig(), mix(), and final()
are externally useful functions. Routines to test the hash are included
if SELF_TEST is defined. You can use this free for any purpose. It's in
the public domain. It has no warranty.
You probably want to use hashlittle(). hashlittle() and hashbig()
hash byte arrays. hashlittle() is is faster than hashbig() on
little-endian machines. Intel and AMD are little-endian machines.
On second thought, you probably want hashlittle2(), which is identical to
hashlittle() except it returns two 32-bit hashes for the price of one.
You could implement hashbig2() if you wanted but I haven't bothered here.
If you want to find a hash of, say, exactly 7 integers, do
a = i1; b = i2; c = i3;
mix(a,b,c);
a += i4; b += i5; c += i6;
mix(a,b,c);
a += i7;
final(a,b,c);
then use c as the hash value. If you have a variable length array of
4-byte integers to hash, use hashword(). If you have a byte array (like
a character string), use hashlittle(). If you have several byte arrays, or
a mix of things, see the comments above hashlittle().
Why is this so big? I read 12 bytes at a time into 3 4-byte integers,
then mix those integers. This is fast (you can do a lot more thorough
mixing with 12*3 instructions on 3 integers than you can with 3 instructions
on 1 byte), but shoehorning those bytes into integers efficiently is messy.
-------------------------------------------------------------------------------
*/
/*
* My best guess at if you are big-endian or little-endian. This may
* need adjustment.
*/
#if (defined(__BYTE_ORDER) && defined(__LITTLE_ENDIAN) && \
__BYTE_ORDER == __LITTLE_ENDIAN) || \
(defined(i386) || defined(__i386__) || defined(__i486__) || \
defined(__i586__) || defined(__i686__) || defined(vax) || defined(MIPSEL))
# define HASH_LITTLE_ENDIAN 1
# define HASH_BIG_ENDIAN 0
#elif (defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) && \
__BYTE_ORDER == __BIG_ENDIAN) || \
(defined(sparc) || defined(POWERPC) || defined(mc68000) || defined(sel))
# define HASH_LITTLE_ENDIAN 0
# define HASH_BIG_ENDIAN 1
#else
# define HASH_LITTLE_ENDIAN 0
# define HASH_BIG_ENDIAN 0
#endif
#define hashsize(n) ((uint32_t)1<<(n))
#define hashmask(n) (hashsize(n)-1)
#define rot(x,k) (((x)<<(k)) | ((x)>>(32-(k))))
/*
-------------------------------------------------------------------------------
mix -- mix 3 32-bit values reversibly.
This is reversible, so any information in (a,b,c) before mix() is
still in (a,b,c) after mix().
If four pairs of (a,b,c) inputs are run through mix(), or through
mix() in reverse, there are at least 32 bits of the output that
are sometimes the same for one pair and different for another pair.
This was tested for:
* pairs that differed by one bit, by two bits, in any combination
of top bits of (a,b,c), or in any combination of bottom bits of
(a,b,c).
* "differ" is defined as +, -, ^, or ~^. For + and -, I transformed
the output delta to a Gray code (a^(a>>1)) so a string of 1's (as
is commonly produced by subtraction) look like a single 1-bit
difference.
* the base values were pseudorandom, all zero but one bit set, or
all zero plus a counter that starts at zero.
Some k values for my "a-=c; a^=rot(c,k); c+=b;" arrangement that
satisfy this are
4 6 8 16 19 4
9 15 3 18 27 15
14 9 3 7 17 3
Well, "9 15 3 18 27 15" didn't quite get 32 bits diffing
for "differ" defined as + with a one-bit base and a two-bit delta. I
used http://burtleburtle.net/bob/hash/avalanche.html to choose
the operations, constants, and arrangements of the variables.
This does not achieve avalanche. There are input bits of (a,b,c)
that fail to affect some output bits of (a,b,c), especially of a. The
most thoroughly mixed value is c, but it doesn't really even achieve
avalanche in c.
This allows some parallelism. Read-after-writes are good at doubling
the number of bits affected, so the goal of mixing pulls in the opposite
direction as the goal of parallelism. I did what I could. Rotates
seem to cost as much as shifts on every machine I could lay my hands
on, and rotates are much kinder to the top and bottom bits, so I used
rotates.
-------------------------------------------------------------------------------
*/
#define mix(a,b,c) \
{ \
a -= c; a ^= rot(c, 4); c += b; \
b -= a; b ^= rot(a, 6); a += c; \
c -= b; c ^= rot(b, 8); b += a; \
a -= c; a ^= rot(c,16); c += b; \
b -= a; b ^= rot(a,19); a += c; \
c -= b; c ^= rot(b, 4); b += a; \
}
/*
-------------------------------------------------------------------------------
final -- final mixing of 3 32-bit values (a,b,c) into c
Pairs of (a,b,c) values differing in only a few bits will usually
produce values of c that look totally different. This was tested for
* pairs that differed by one bit, by two bits, in any combination
of top bits of (a,b,c), or in any combination of bottom bits of
(a,b,c).
* "differ" is defined as +, -, ^, or ~^. For + and -, I transformed
the output delta to a Gray code (a^(a>>1)) so a string of 1's (as
is commonly produced by subtraction) look like a single 1-bit
difference.
* the base values were pseudorandom, all zero but one bit set, or
all zero plus a counter that starts at zero.
These constants passed:
14 11 25 16 4 14 24
12 14 25 16 4 14 24
and these came close:
4 8 15 26 3 22 24
10 8 15 26 3 22 24
11 8 15 26 3 22 24
-------------------------------------------------------------------------------
*/
#define final(a,b,c) \
{ \
c ^= b; c -= rot(b,14); \
a ^= c; a -= rot(c,11); \
b ^= a; b -= rot(a,25); \
c ^= b; c -= rot(b,16); \
a ^= c; a -= rot(c,4); \
b ^= a; b -= rot(a,14); \
c ^= b; c -= rot(b,24); \
}
/*
-------------------------------------------------------------------------------
hashlittle() -- hash a variable-length key into a 32-bit value
k : the key (the unaligned variable-length array of bytes)
length : the length of the key, counting by bytes
initval : can be any 4-byte value
Returns a 32-bit value. Every bit of the key affects every bit of
the return value. Two keys differing by one or two bits will have
totally different hash values.
The best hash table sizes are powers of 2. There is no need to do
mod a prime (mod is sooo slow!). If you need less than 32 bits,
use a bitmask. For example, if you need only 10 bits, do
h = (h & hashmask(10));
In which case, the hash table should have hashsize(10) elements.
If you are hashing n strings (uint8_t **)k, do it like this:
for (i=0, h=0; i<n; ++i) h = hashlittle( k[i], len[i], h);
By Bob Jenkins, 2006. bob_jenkins@burtleburtle.net. You may use this
code any way you wish, private, educational, or commercial. It's free.
Use for hash table lookup, or anything where one collision in 2^^32 is
acceptable. Do NOT use for cryptographic purposes.
-------------------------------------------------------------------------------
*/
static uint32_t hashlittle( const void *key, size_t length, uint32_t initval)
{
uint32_t a,b,c; /* internal state */
union { const void *ptr; size_t i; } u; /* needed for Mac Powerbook G4 */
/* Set up the internal state */
a = b = c = 0xdeadbeef + ((uint32_t)length) + initval;
u.ptr = key;
if (HASH_LITTLE_ENDIAN && ((u.i & 0x3) == 0)) {
const uint32_t *k = (const uint32_t *)key; /* read 32-bit chunks */
/*------ all but last block: aligned reads and affect 32 bits of (a,b,c) */
while (length > 12)
{
a += k[0];
b += k[1];
c += k[2];
mix(a,b,c);
length -= 12;
k += 3;
}
/*----------------------------- handle the last (probably partial) block */
/*
* "k[2]&0xffffff" actually reads beyond the end of the string, but
* then masks off the part it's not allowed to read. Because the
* string is aligned, the masked-off tail is in the same word as the
* rest of the string. Every machine with memory protection I've seen
* does it on word boundaries, so is OK with this. But VALGRIND will
* still catch it and complain. The masking trick does make the hash
* noticably faster for short strings (like English words).
*/
#ifndef VALGRIND
switch(length)
{
case 12: c+=k[2]; b+=k[1]; a+=k[0]; break;
case 11: c+=k[2]&0xffffff; b+=k[1]; a+=k[0]; break;
case 10: c+=k[2]&0xffff; b+=k[1]; a+=k[0]; break;
case 9 : c+=k[2]&0xff; b+=k[1]; a+=k[0]; break;
case 8 : b+=k[1]; a+=k[0]; break;
case 7 : b+=k[1]&0xffffff; a+=k[0]; break;
case 6 : b+=k[1]&0xffff; a+=k[0]; break;
case 5 : b+=k[1]&0xff; a+=k[0]; break;
case 4 : a+=k[0]; break;
case 3 : a+=k[0]&0xffffff; break;
case 2 : a+=k[0]&0xffff; break;
case 1 : a+=k[0]&0xff; break;
case 0 : return c; /* zero length strings require no mixing */
}
#else /* make valgrind happy */
const uint8_t *k8 = (const uint8_t *)k;
switch(length)
{
case 12: c+=k[2]; b+=k[1]; a+=k[0]; break;
case 11: c+=((uint32_t)k8[10])<<16; /* fall through */
case 10: c+=((uint32_t)k8[9])<<8; /* fall through */
case 9 : c+=k8[8]; /* fall through */
case 8 : b+=k[1]; a+=k[0]; break;
case 7 : b+=((uint32_t)k8[6])<<16; /* fall through */
case 6 : b+=((uint32_t)k8[5])<<8; /* fall through */
case 5 : b+=k8[4]; /* fall through */
case 4 : a+=k[0]; break;
case 3 : a+=((uint32_t)k8[2])<<16; /* fall through */
case 2 : a+=((uint32_t)k8[1])<<8; /* fall through */
case 1 : a+=k8[0]; break;
case 0 : return c;
}
#endif /* !valgrind */
} else if (HASH_LITTLE_ENDIAN && ((u.i & 0x1) == 0)) {
const uint16_t *k = (const uint16_t *)key; /* read 16-bit chunks */
const uint8_t *k8;
/*--------------- all but last block: aligned reads and different mixing */
while (length > 12)
{
a += k[0] + (((uint32_t)k[1])<<16);
b += k[2] + (((uint32_t)k[3])<<16);
c += k[4] + (((uint32_t)k[5])<<16);
mix(a,b,c);
length -= 12;
k += 6;
}
/*----------------------------- handle the last (probably partial) block */
k8 = (const uint8_t *)k;
switch(length)
{
case 12: c+=k[4]+(((uint32_t)k[5])<<16);
b+=k[2]+(((uint32_t)k[3])<<16);
a+=k[0]+(((uint32_t)k[1])<<16);
break;
case 11: c+=((uint32_t)k8[10])<<16; /* fall through */
case 10: c+=k[4];
b+=k[2]+(((uint32_t)k[3])<<16);
a+=k[0]+(((uint32_t)k[1])<<16);
break;
case 9 : c+=k8[8]; /* fall through */
case 8 : b+=k[2]+(((uint32_t)k[3])<<16);
a+=k[0]+(((uint32_t)k[1])<<16);
break;
case 7 : b+=((uint32_t)k8[6])<<16; /* fall through */
case 6 : b+=k[2];
a+=k[0]+(((uint32_t)k[1])<<16);
break;
case 5 : b+=k8[4]; /* fall through */
case 4 : a+=k[0]+(((uint32_t)k[1])<<16);
break;
case 3 : a+=((uint32_t)k8[2])<<16; /* fall through */
case 2 : a+=k[0];
break;
case 1 : a+=k8[0];
break;
case 0 : return c; /* zero length requires no mixing */
}
} else { /* need to read the key one byte at a time */
const uint8_t *k = (const uint8_t *)key;
/*--------------- all but the last block: affect some 32 bits of (a,b,c) */
while (length > 12)
{
a += k[0];
a += ((uint32_t)k[1])<<8;
a += ((uint32_t)k[2])<<16;
a += ((uint32_t)k[3])<<24;
b += k[4];
b += ((uint32_t)k[5])<<8;
b += ((uint32_t)k[6])<<16;
b += ((uint32_t)k[7])<<24;
c += k[8];
c += ((uint32_t)k[9])<<8;
c += ((uint32_t)k[10])<<16;
c += ((uint32_t)k[11])<<24;
mix(a,b,c);
length -= 12;
k += 12;
}
/*-------------------------------- last block: affect all 32 bits of (c) */
switch(length) /* all the case statements fall through */
{
case 12: c+=((uint32_t)k[11])<<24;
case 11: c+=((uint32_t)k[10])<<16;
case 10: c+=((uint32_t)k[9])<<8;
case 9 : c+=k[8];
case 8 : b+=((uint32_t)k[7])<<24;
case 7 : b+=((uint32_t)k[6])<<16;
case 6 : b+=((uint32_t)k[5])<<8;
case 5 : b+=k[4];
case 4 : a+=((uint32_t)k[3])<<24;
case 3 : a+=((uint32_t)k[2])<<16;
case 2 : a+=((uint32_t)k[1])<<8;
case 1 : a+=k[0];
break;
case 0 : return c;
}
}
final(a,b,c);
return c;
}
unsigned long lh_char_hash(const void *k) unsigned long lh_char_hash(const void *k)
{ {
unsigned int h = 0; static volatile int random_seed = -1;
const char* data = (const char*)k;
while( *data!=0 ) h = h*129 + (unsigned int)(*data++) + LH_PRIME; if (random_seed == -1) {
int seed;
/* we can't use -1 as it is the unitialized sentinel */
while ((seed = json_c_get_random_seed()) == -1);
#if defined __GNUC__
__sync_val_compare_and_swap(&random_seed, -1, seed);
#elif defined _MSC_VER
InterlockedCompareExchange(&random_seed, seed, -1);
#else
#warning "racy random seed initializtion if used by multiple threads"
random_seed = seed; /* potentially racy */
#endif
}
return h; return hashlittle((const char*)k, strlen((const char*)k), random_seed);
} }
int lh_char_equal(const void *k1, const void *k2) int lh_char_equal(const void *k1, const void *k2)

2
linkhash.h
View File

@@ -246,7 +246,7 @@ extern struct lh_entry* lh_table_lookup_entry(struct lh_table *t, const void *k)
* @return a pointer to the found value or NULL if it does not exist. * @return a pointer to the found value or NULL if it does not exist.
* @deprecated Use lh_table_lookup_ex instead. * @deprecated Use lh_table_lookup_ex instead.
*/ */
extern const void* lh_table_lookup(struct lh_table *t, const void *k); THIS_FUNCTION_IS_DEPRECATED(extern const void* lh_table_lookup(struct lh_table *t, const void *k));
/** /**
* Lookup a record in the table * Lookup a record in the table

237
random_seed.c Normal file
View File

@@ -0,0 +1,237 @@
/*
* random_seed.c
*
* Copyright (c) 2013 Metaparadigm Pte. Ltd.
* Michael Clark <michael@metaparadigm.com>
*
* This library is free software; you can redistribute it and/or modify
* it under the terms of the MIT license. See COPYING for details.
*
*/
#include <stdio.h>
#include "config.h"
#define DEBUG_SEED(s)
#if defined ENABLE_RDRAND
/* cpuid */
#if defined __GNUC__ && (defined __i386__ || defined __x86_64__)
#define HAS_X86_CPUID 1
static void do_cpuid(int regs[], int h)
{
__asm__ __volatile__(
#if defined __x86_64__
"pushq %%rbx;\n"
#else
"pushl %%ebx;\n"
#endif
"cpuid;\n"
#if defined __x86_64__
"popq %%rbx;\n"
#else
"popl %%ebx;\n"
#endif
: "=a"(regs[0]), [ebx] "=r"(regs[1]), "=c"(regs[2]), "=d"(regs[3])
: "a"(h));
}
#elif defined _MSC_VER
#define HAS_X86_CPUID 1
#define do_cpuid __cpuid
#endif
/* has_rdrand */
#if HAS_X86_CPUID
static int has_rdrand()
{
// CPUID.01H:ECX.RDRAND[bit 30] == 1
int regs[4];
do_cpuid(regs, 1);
return (regs[2] & (1 << 30)) != 0;
}
#endif
/* get_rdrand_seed - GCC x86 and X64 */
#if defined __GNUC__ && (defined __i386__ || defined __x86_64__)
#define HAVE_RDRAND 1
static int get_rdrand_seed()
{
DEBUG_SEED("get_rdrand_seed");
int _eax;
// rdrand eax
__asm__ __volatile__("1: .byte 0x0F\n"
" .byte 0xC7\n"
" .byte 0xF0\n"
" jnc 1b;\n"
: "=a" (_eax));
return _eax;
}
#endif
#if defined _MSC_VER
#if _MSC_VER >= 1700
#define HAVE_RDRAND 1
/* get_rdrand_seed - Visual Studio 2012 and above */
static int get_rdrand_seed()
{
DEBUG_SEED("get_rdrand_seed");
int r;
while (_rdrand32_step(&r) == 0);
return r;
}
#elif defined _M_IX86
#define HAVE_RDRAND 1
/* get_rdrand_seed - Visual Studio 2010 and below - x86 only */
static int get_rdrand_seed()
{
DEBUG_SEED("get_rdrand_seed");
int _eax;
retry:
// rdrand eax
__asm _emit 0x0F __asm _emit 0xC7 __asm _emit 0xF0
__asm jnc retry
__asm mov _eax, eax
return _eax;
}
#endif
#endif
#endif /* defined ENABLE_RDRAND */
/* has_dev_urandom */
#if defined (__APPLE__) || defined(__unix__) || defined(__linux__)
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
#include <stdlib.h>
#include <sys/stat.h>
#define HAVE_DEV_RANDOM 1
static const char *dev_random_file = "/dev/urandom";
static int has_dev_urandom()
{
struct stat buf;
if (stat(dev_random_file, &buf)) {
return 0;
}
return ((buf.st_mode & S_IFCHR) != 0);
}
/* get_dev_random_seed */
static int get_dev_random_seed()
{
DEBUG_SEED("get_dev_random_seed");
int fd = open(dev_random_file, O_RDONLY);
if (fd < 0) {
fprintf(stderr, "error opening %s: %s", dev_random_file, strerror(errno));
exit(1);
}
int r;
ssize_t nread = read(fd, &r, sizeof(r));
if (nread != sizeof(r)) {
fprintf(stderr, "error read %s: %s", dev_random_file, strerror(errno));
exit(1);
}
else if (nread != sizeof(r)) {
fprintf(stderr, "error short read %s", dev_random_file);
exit(1);
}
close(fd);
return r;
}
#endif
/* get_cryptgenrandom_seed */
#ifdef WIN32
#define HAVE_CRYPTGENRANDOM 1
#include <windows.h>
#pragma comment(lib, "advapi32.lib")
static int get_cryptgenrandom_seed()
{
DEBUG_SEED("get_cryptgenrandom_seed");
HCRYPTPROV hProvider = 0;
int r;
if (!CryptAcquireContextW(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
fprintf(stderr, "error CryptAcquireContextW");
exit(1);
}
if (!CryptGenRandom(hProvider, sizeof(r), (BYTE*)&r)) {
fprintf(stderr, "error CryptGenRandom");
exit(1);
}
CryptReleaseContext(hProvider, 0);
return r;
}
#endif
/* get_time_seed */
#include <time.h>
static int get_time_seed()
{
DEBUG_SEED("get_time_seed");
return (int)time(NULL) * 433494437;
}
/* json_c_get_random_seed */
int json_c_get_random_seed()
{
#if HAVE_RDRAND
if (has_rdrand()) return get_rdrand_seed();
#endif
#if HAVE_DEV_RANDOM
if (has_dev_urandom()) return get_dev_random_seed();
#endif
#if HAVE_CRYPTGENRANDOM
return get_cryptgenrandom_seed();
#endif
return get_time_seed();
}

25
random_seed.h Normal file
View File

@@ -0,0 +1,25 @@
/*
* random_seed.h
*
* Copyright (c) 2013 Metaparadigm Pte. Ltd.
* Michael Clark <michael@metaparadigm.com>
*
* This library is free software; you can redistribute it and/or modify
* it under the terms of the MIT license. See COPYING for details.
*
*/
#ifndef seed_h
#define seed_h
#ifdef __cplusplus
extern "C" {
#endif
extern int json_c_get_random_seed();
#ifdef __cplusplus
}
#endif
#endif