Re: expat hash collision fix too predictable?

[Sebastian Pipping <sebastian () pipping org>]

Hi!


On 05.04.2012 11:30, Marcus Meissner wrote:
> Hi,
>
> while reviewing a expat regression (likely caused by the hash collision denial of service fix, but unclear)
> i stumbled about the randomness it uses.
>
>       static unsigned long
>       generate_hash_secret_salt(void)
>       {
>         unsigned int seed = time(NULL) % UINT_MAX;
>         srand(seed);
>         return rand();
>       }
>
> and it is seeded once at parser object creation.
>
> This is better than not seeding, but I am not sure if it is sufficient.
>
> Ciao, Marcus

Please excuse bumping this thread.  It think it may need another CVE:

The call to srand(3) can reduce the security of the calling application,
depending on what it is doing with srand(3)/random(3).  This behavior is
recognized as a bug by Fedora, too
(https://bugzilla.redhat.com/show_bug.cgi?id=1197087).

There are multiple related commits in Expat's Git repository.  I am
happy to extract a single to-the-point patch for your version of Expat
and operating system platform from that for you, if needed.

Best



Sebastian