diff options
| -rw-r--r-- | embed.fnc | 1 | ||||
| -rw-r--r-- | embed.h | 6 | ||||
| -rw-r--r-- | embedvar.h | 2 | ||||
| -rw-r--r-- | intrpvar.h | 2 | ||||
| -rw-r--r-- | perl.c | 35 | ||||
| -rw-r--r-- | perl.h | 2 | ||||
| -rw-r--r-- | perlapi.h | 2 | ||||
| -rw-r--r-- | pod/perlrun.pod | 4 | ||||
| -rw-r--r-- | proto.h | 1 | ||||
| -rw-r--r-- | util.c | 32 |
10 files changed, 60 insertions, 27 deletions
@@ -839,6 +839,7 @@ p |void |vivify_ref |SV* sv|U32 to_what p |I32 |wait4pid |Pid_t pid|int* statusp|int flags p |U32 |parse_unicode_opts|char **popt p |U32 |seed +p |UV |get_seed p |void |report_evil_fh |GV *gv|IO *io|I32 op pd |void |report_uninit Afpd |void |warn |const char* pat|... @@ -1115,6 +1115,9 @@ #define seed Perl_seed #endif #ifdef PERL_CORE +#define get_seed Perl_get_seed +#endif +#ifdef PERL_CORE #define report_evil_fh Perl_report_evil_fh #endif #ifdef PERL_CORE @@ -3603,6 +3606,9 @@ #define seed() Perl_seed(aTHX) #endif #ifdef PERL_CORE +#define get_seed() Perl_get_seed(aTHX) +#endif +#ifdef PERL_CORE #define report_evil_fh(a,b,c) Perl_report_evil_fh(aTHX_ a,b,c) #endif #ifdef PERL_CORE diff --git a/embedvar.h b/embedvar.h index f990f9f7c5..98d8b21665 100644 --- a/embedvar.h +++ b/embedvar.h @@ -255,6 +255,7 @@ #define PL_glob_index (vTHX->Iglob_index) #define PL_globalstash (vTHX->Iglobalstash) #define PL_hash_seed (vTHX->Ihash_seed) +#define PL_hash_seed_set (vTHX->Ihash_seed_set) #define PL_he_arenaroot (vTHX->Ihe_arenaroot) #define PL_he_root (vTHX->Ihe_root) #define PL_hintgv (vTHX->Ihintgv) @@ -558,6 +559,7 @@ #define PL_Iglob_index PL_glob_index #define PL_Iglobalstash PL_globalstash #define PL_Ihash_seed PL_hash_seed +#define PL_Ihash_seed_set PL_hash_seed_set #define PL_Ihe_arenaroot PL_he_arenaroot #define PL_Ihe_root PL_he_root #define PL_Ihintgv PL_hintgv diff --git a/intrpvar.h b/intrpvar.h index 6d77cec2a1..6a34ea4e67 100644 --- a/intrpvar.h +++ b/intrpvar.h @@ -525,6 +525,8 @@ PERLVARI(Ippid, IV, 0) PERLVARI(Ihash_seed, UV, 0) /* Hash initializer */ +PERLVARI(Ihash_seed_set, bool, FALSE) /* Hash initialized? */ + PERLVAR(IDBassertion, SV *) PERLVARI(Icv_has_eval, I32, 0) /* PL_compcv includes an entereval or similar */ @@ -900,31 +900,18 @@ setuid perl scripts securely.\n"); #if defined(USE_HASH_SEED) || defined(USE_HASH_SEED_EXPLICIT) /* [perl #22371] Algorimic Complexity Attack on Perl 5.6.1, 5.8.0 * This MUST be done before any hash stores or fetches take place. */ + if (!PL_hash_seed_set) + PL_hash_seed = get_seed(); { - char *s = PerlEnv_getenv("PERL_HASH_SEED"); - if (s) - while (isSPACE(*s)) s++; - if (s && isDIGIT(*s)) - PL_hash_seed = (UV)Atoul(s); -#ifndef USE_HASH_SEED_EXPLICIT - else { - /* Compute a random seed */ - (void)seedDrand01((Rand_seed_t)seed()); - PL_srand_called = TRUE; - PL_hash_seed = (UV)(Drand01() * (NV)UV_MAX); -#if RANDBITS < (UVSIZE * 8) - /* Since there are not enough randbits to to reach all - * the bits of a UV, the low bits might need extra - * help. Sum in another random number that will - * fill in the low bits. */ - PL_hash_seed += - (UV)(Drand01() * (NV)((1 << ((UVSIZE * 8 - RANDBITS))) - 1)); -#endif /* RANDBITS < (UVSIZE * 8) */ - } -#endif /* #ifndef USE_HASH_SEED_EXPLICIT */ - if ((s = PerlEnv_getenv("PERL_HASH_SEED_DEBUG"))) - PerlIO_printf(Perl_debug_log, "HASH_SEED = %"UVuf"\n", - PL_hash_seed); + char *s = PerlEnv_getenv("PERL_HASH_SEED_DEBUG"); + + if (s) { + int i = atoi(s); + + if (i == 1) + PerlIO_printf(Perl_debug_log, "HASH_SEED = %"UVuf"\n", + PL_hash_seed); + } } #endif /* #if defined(USE_HASH_SEED) || defined(USE_HASH_SEED_EXPLICIT) */ @@ -2258,7 +2258,7 @@ typedef struct crypt_data { /* straight from /usr/include/crypt.h */ /* [perl #22371] Algorimic Complexity Attack on Perl 5.6.1, 5.8.0 */ #if !defined(NO_HASH_SEED) && !defined(USE_HASH_SEED) && !defined(USE_HASH_SEED_EXPLICIT) -# define USE_HASH_SEED +# define USE_HASH_SEED_EXPLICIT #endif #include "regexp.h" @@ -268,6 +268,8 @@ END_EXTERN_C #define PL_globalstash (*Perl_Iglobalstash_ptr(aTHX)) #undef PL_hash_seed #define PL_hash_seed (*Perl_Ihash_seed_ptr(aTHX)) +#undef PL_hash_seed_set +#define PL_hash_seed_set (*Perl_Ihash_seed_set_ptr(aTHX)) #undef PL_he_arenaroot #define PL_he_arenaroot (*Perl_Ihe_arenaroot_ptr(aTHX)) #undef PL_he_root diff --git a/pod/perlrun.pod b/pod/perlrun.pod index 26d0bc424a..730c75da1e 100644 --- a/pod/perlrun.pod +++ b/pod/perlrun.pod @@ -1127,8 +1127,8 @@ See L<perlsec/"Algorithmic Complexity Attacks"> for more information. =item PERL_HASH_SEED_DEBUG -(Since Perl 5.8.1.) Set to (anything) to display (to STDERR) -the value of the hash seed at the beginning of execution. +(Since Perl 5.8.1.) Set to "1" to display (to STDERR) the value of +the hash seed at the beginning of execution. =item PERL_ROOT (specific to the VMS port) @@ -799,6 +799,7 @@ PERL_CALLCONV void Perl_vivify_ref(pTHX_ SV* sv, U32 to_what); PERL_CALLCONV I32 Perl_wait4pid(pTHX_ Pid_t pid, int* statusp, int flags); PERL_CALLCONV U32 Perl_parse_unicode_opts(pTHX_ char **popt); PERL_CALLCONV U32 Perl_seed(pTHX); +PERL_CALLCONV UV Perl_get_seed(pTHX); PERL_CALLCONV void Perl_report_evil_fh(pTHX_ GV *gv, IO *io, I32 op); PERL_CALLCONV void Perl_report_uninit(pTHX); PERL_CALLCONV void Perl_warn(pTHX_ const char* pat, ...) @@ -4377,3 +4377,35 @@ Perl_seed(pTHX) return u; } +UV +Perl_get_seed(void) +{ + char *s = PerlEnv_getenv("PERL_HASH_SEED"); + UV myseed = 0; + + if (s) + while (isSPACE(*s)) s++; + if (s && isDIGIT(*s)) + myseed = (UV)Atoul(s); + else +#ifdef USE_HASH_SEED_EXPLICIT + if (s) +#endif + { + /* Compute a random seed */ + (void)seedDrand01((Rand_seed_t)seed()); + PL_srand_called = TRUE; + myseed = (UV)(Drand01() * (NV)UV_MAX); +#if RANDBITS < (UVSIZE * 8) + /* Since there are not enough randbits to to reach all + * the bits of a UV, the low bits might need extra + * help. Sum in another random number that will + * fill in the low bits. */ + myseed += + (UV)(Drand01() * (NV)((1 << ((UVSIZE * 8 - RANDBITS))) - 1)); +#endif /* RANDBITS < (UVSIZE * 8) */ + } + PL_hash_seed_set = TRUE; + + return myseed; +} |