1: /*
2: +----------------------------------------------------------------------+
3: | Suhosin-Patch for PHP |
4: +----------------------------------------------------------------------+
5: | Copyright (c) 2004-2009 Stefan Esser |
6: +----------------------------------------------------------------------+
7: | This source file is subject to version 2.02 of the PHP license, |
8: | that is bundled with this package in the file LICENSE, and is |
9: | available at through the world-wide-web at |
10: | http://www.php.net/license/2_02.txt. |
11: | If you did not receive a copy of the PHP license and are unable to |
12: | obtain it through the world-wide-web, please send a note to |
13: | license@php.net so we can mail you a copy immediately. |
14: +----------------------------------------------------------------------+
15: | Author: Stefan Esser <stefan.esser@sektioneins.de> |
16: +----------------------------------------------------------------------+
17: */
18: /* $Id: zend_canary.c,v 1.1.1.1 2012/02/21 23:47:52 misho Exp $ */
19:
20: #include "zend.h"
21:
22: #include <stdio.h>
23: #include <stdlib.h>
24:
25:
26: #if SUHOSIN_PATCH
27:
28: static size_t last_canary = 0x73625123;
29:
30: /* will be replaced later with more compatible method */
31: ZEND_API void zend_canary(void *buf, int len)
32: {
33: time_t t;
34: size_t canary;
35: int fd;
36:
37: #ifndef PHP_WIN32
38: fd = open("/dev/urandom", 0);
39: if (fd != -1) {
40: int r = read(fd, buf, len);
41: close(fd);
42: if (r == len) {
43: return;
44: }
45: }
46: #endif
47: /* not good but we never want to do this */
48: time(&t);
49: canary = *(unsigned int *)&t + getpid() << 16 + last_canary;
50: last_canary ^= (canary << 5) | (canary >> (32-5));
51: /* When we ensure full win32 compatibility in next version
52: we will replace this with the random number code from zend_alloc.c */
53: memcpy(buf, &canary, len);
54: }
55:
56: #endif
57:
58:
59: /*
60: * Local variables:
61: * tab-width: 4
62: * c-basic-offset: 4
63: * End:
64: * vim600: sw=4 ts=4 fdm=marker
65: * vim<600: sw=4 ts=4
66: */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>