openbsd-ports/www/tinyproxy/patches/patch-src_child_c

27 lines
688 B
Plaintext
Raw Normal View History

$OpenBSD: patch-src_child_c,v 1.1 2012/08/20 09:51:20 jasper Exp $
Security fix for CVE-2012-3505, tinyproxy: multiple headers hashmap DoS
Patch from https://bugzilla.redhat.com/show_bug.cgi?id=849368
CVE-2012-3505-tinyproxy-randomized-hashmaps.patch
--- src/child.c.orig Sun Jan 10 23:52:04 2010
+++ src/child.c Mon Aug 20 11:47:33 2012
@@ -20,6 +20,9 @@
* processing incoming connections.
*/
+#include <stdlib.h>
+#include <time.h>
+
#include "main.h"
#include "child.h"
@@ -196,6 +199,7 @@ static void child_main (struct child_s *ptr)
}
ptr->connects = 0;
+ srand(time(NULL));
while (!config.quit) {
ptr->status = T_WAITING;