Overview

File CVE-2013-6401.patch of Package libjansson.openSUSE_13.1_Update

diff -Naur a/src/hashtable.c b/src/hashtable.c
--- a/src/hashtable.c	2012-03-20 19:56:00.000000000 +0100
+++ b/src/hashtable.c	2014-03-10 16:39:21.044317074 +0100
@@ -10,6 +10,7 @@
 #include <jansson_config.h>   /* for JSON_INLINE */
 #include "jansson_private.h"  /* for container_of() */
 #include "hashtable.h"
+#include <sys/time.h>
 
 typedef struct hashtable_list list_t;
 typedef struct hashtable_pair pair_t;
@@ -21,17 +22,25 @@
 static size_t hash_str(const void *ptr)
 {
     const char *str = (const char *)ptr;
+    static size_t hashxor = 0;
 
     size_t hash = 5381;
     size_t c;
 
+    if (!hashxor) {
+       struct timeval tv;
+   gettimeofday(&tv,NULL);
+
+   hashxor = tv.tv_usec;
+   }
+
     while((c = (size_t)*str))
     {
         hash = ((hash << 5) + hash) + c;
         str++;
     }
 
-    return hash;
+    return hash ^ hashxor;
 }
 
 static JSON_INLINE void list_init(list_t *list)
diff -Naur a/test/suites/api/test_object.c b/test/suites/api/test_object.c
--- a/test/suites/api/test_object.c	2012-03-20 19:56:00.000000000 +0100
+++ b/test/suites/api/test_object.c	2014-03-10 16:26:34.579305573 +0100
@@ -249,7 +249,11 @@
 
 static void test_iterators()
 {
+    int i;
     json_t *object, *foo, *bar, *baz;
+    const char *iter_keys[3];
+    int have_key[3] = { 0, 0, 0 };
+    json_t *iter_values[3];
     void *iter;
 
     if(json_object_iter(NULL))
@@ -276,30 +280,50 @@
     iter = json_object_iter(object);
     if(!iter)
         fail("unable to get iterator");
-    if(strcmp(json_object_iter_key(iter), "a"))
-        fail("iterating failed: wrong key");
-    if(json_object_iter_value(iter) != foo)
-        fail("iterating failed: wrong value");
+    iter_keys[0] = json_object_iter_key(iter);
+    iter_values[0] = json_object_iter_value(iter);
 
     iter = json_object_iter_next(object, iter);
     if(!iter)
         fail("unable to increment iterator");
-    if(strcmp(json_object_iter_key(iter), "b"))
-        fail("iterating failed: wrong key");
-    if(json_object_iter_value(iter) != bar)
-        fail("iterating failed: wrong value");
+    iter_keys[1] = json_object_iter_key(iter);
+    iter_values[1] = json_object_iter_value(iter);
 
     iter = json_object_iter_next(object, iter);
     if(!iter)
         fail("unable to increment iterator");
-    if(strcmp(json_object_iter_key(iter), "c"))
-        fail("iterating failed: wrong key");
-    if(json_object_iter_value(iter) != baz)
-        fail("iterating failed: wrong value");
+    iter_keys[2] = json_object_iter_key(iter);
+    iter_values[2] = json_object_iter_value(iter);
 
     if(json_object_iter_next(object, iter) != NULL)
         fail("able to iterate over the end");
 
+    /* Check that keys have correct values */
+    for (i = 0; i < 3; i++) {
+        if (strcmp(iter_keys[i], "a") == 0) {
+            if (iter_values[i] != foo)
+                fail("wrong value for iter key a");
+            else
+                have_key[0] = 1;
+        } else if (strcmp(iter_keys[i], "b") == 0) {
+            if (iter_values[i] != bar)
+                fail("wrong value for iter key b");
+            else
+                have_key[1] = 1;
+        } else if (strcmp(iter_keys[i], "c") == 0) {
+            if (iter_values[i] != baz)
+                fail("wrong value for iter key c");
+            else
+                have_key[2] = 1;
+        }
+    }
+
+    /* Check that we got all keys */
+    for(i = 0; i < 3; i++) {
+        if(!have_key[i])
+            fail("a key wasn't iterated over");
+    }
+
     if(json_object_iter_at(object, "foo"))
         fail("json_object_iter_at() succeeds for non-existent key");
 
@@ -312,22 +336,14 @@
     if(json_object_iter_value(iter) != bar)
         fail("iterating failed: wrong value");
 
-    iter = json_object_iter_next(object, iter);
-    if(!iter)
-        fail("unable to increment iterator");
-    if(strcmp(json_object_iter_key(iter), "c"))
-        fail("iterating failed: wrong key");
-    if(json_object_iter_value(iter) != baz)
-        fail("iterating failed: wrong value");
-
-    if(json_object_iter_set(object, iter, bar))
+    if(json_object_iter_set(object, iter, baz))
         fail("unable to set value at iterator");
 
-    if(strcmp(json_object_iter_key(iter), "c"))
+    if(strcmp(json_object_iter_key(iter), "b"))
         fail("json_object_iter_key() fails after json_object_iter_set()");
-    if(json_object_iter_value(iter) != bar)
+    if(json_object_iter_value(iter) != baz)
         fail("json_object_iter_value() fails after json_object_iter_set()");
-    if(json_object_get(object, "c") != bar)
+    if(json_object_get(object, "b") != baz)
         fail("json_object_get() fails after json_object_iter_set()");
 
     json_decref(object);
openSUSE Build Service is sponsored by
Places