[armedbear-cvs] r13721 - branches/1.0.x/abcl/src/org/armedbear/lisp

mevenson at common-lisp.net mevenson at common-lisp.net
Fri Jan 6 14:29:57 UTC 2012 

Author: mevenson
Date: Fri Jan  6 06:29:51 2012
New Revision: 13721

Log:
backport r13720: randomize string hash computation to guard against exploits.

Modified:
   branches/1.0.x/abcl/src/org/armedbear/lisp/ComplexString.java
   branches/1.0.x/abcl/src/org/armedbear/lisp/Lisp.java
   branches/1.0.x/abcl/src/org/armedbear/lisp/SimpleString.java

Modified: branches/1.0.x/abcl/src/org/armedbear/lisp/ComplexString.java
==============================================================================
--- branches/1.0.x/abcl/src/org/armedbear/lisp/ComplexString.java	Thu Jan  5 13:56:44 2012	(r13720)
+++ branches/1.0.x/abcl/src/org/armedbear/lisp/ComplexString.java	Fri Jan  6 06:29:51 2012	(r13721)
@@ -517,7 +517,7 @@
   @Override
   public int sxhash()
   {
-    int hashCode = 0;
+    int hashCode = randomStringHashBase;
     final int limit = length();
     for (int i = 0; i < limit; i++)
       {
@@ -535,7 +535,7 @@
   @Override
   public int psxhash()
   {
-    int hashCode = 0;
+    int hashCode = randomStringHashBase;
     final int limit = length();
     for (int i = 0; i < limit; i++)
       {

Modified: branches/1.0.x/abcl/src/org/armedbear/lisp/Lisp.java
==============================================================================
--- branches/1.0.x/abcl/src/org/armedbear/lisp/Lisp.java	Thu Jan  5 13:56:44 2012	(r13720)
+++ branches/1.0.x/abcl/src/org/armedbear/lisp/Lisp.java	Fri Jan  6 06:29:51 2012	(r13721)
@@ -141,6 +141,13 @@
   // End-of-file marker.
   public static final LispObject EOF = new LispObject();
 
+  // String hash randomization base
+  // Sets a base offset hashing value per JVM session, as an antidote to
+  // http://www.nruns.com/_downloads/advisory28122011.pdf
+  //    (Denial of Service through hash table multi-collisions)
+  public static final int randomStringHashBase =
+          (int)(new java.util.Date().getTime());
+  
   public static boolean profiling;
 
   public static boolean sampling;

Modified: branches/1.0.x/abcl/src/org/armedbear/lisp/SimpleString.java
==============================================================================
--- branches/1.0.x/abcl/src/org/armedbear/lisp/SimpleString.java	Thu Jan  5 13:56:44 2012	(r13720)
+++ branches/1.0.x/abcl/src/org/armedbear/lisp/SimpleString.java	Fri Jan  6 06:29:51 2012	(r13721)
@@ -416,7 +416,7 @@
     @Override
     public int sxhash()
     {
-        int hashCode = 0;
+        int hashCode = randomStringHashBase;
         for (int i = 0; i < capacity; i++) {
             hashCode += chars[i];
             hashCode += (hashCode << 10);
@@ -426,13 +426,13 @@
         hashCode ^= (hashCode >> 11);
         hashCode += (hashCode << 15);
         return (hashCode & 0x7fffffff);
-    }
+        }
 
     // For EQUALP hash tables.
     @Override
     public int psxhash()
     {
-        int hashCode = 0;
+        int hashCode = randomStringHashBase;
         for (int i = 0; i < capacity; i++) {
             hashCode += Character.toUpperCase(chars[i]);
             hashCode += (hashCode << 10);

More information about the armedbear-cvs mailing list