27 lines
688 B
Plaintext
27 lines
688 B
Plaintext
$OpenBSD: patch-src_child_c,v 1.1 2012/08/20 09:51:20 jasper Exp $
|
|
|
|
Security fix for CVE-2012-3505, tinyproxy: multiple headers hashmap DoS
|
|
Patch from https://bugzilla.redhat.com/show_bug.cgi?id=849368
|
|
CVE-2012-3505-tinyproxy-randomized-hashmaps.patch
|
|
|
|
--- src/child.c.orig Sun Jan 10 23:52:04 2010
|
|
+++ src/child.c Mon Aug 20 11:47:33 2012
|
|
@@ -20,6 +20,9 @@
|
|
* processing incoming connections.
|
|
*/
|
|
|
|
+#include <stdlib.h>
|
|
+#include <time.h>
|
|
+
|
|
#include "main.h"
|
|
|
|
#include "child.h"
|
|
@@ -196,6 +199,7 @@ static void child_main (struct child_s *ptr)
|
|
}
|
|
|
|
ptr->connects = 0;
|
|
+ srand(time(NULL));
|
|
|
|
while (!config.quit) {
|
|
ptr->status = T_WAITING;
|