diff options
| author | Kaz Kylheku <kaz@kylheku.com> | 2018-07-04 22:07:33 -0700 |
|---|---|---|
| committer | Kaz Kylheku <kaz@kylheku.com> | 2018-07-04 22:07:33 -0700 |
| commit | 44b66777caafeebf543c32c9373632c04f748353 (patch) | |
| tree | 40e7f6f3a3b3435ef71865a48f072c3c732e3206 /tests | |
| parent | 9127ea3ff84327cd32552b4a90d56b4bf114bb86 (diff) | |
| download | txr-44b66777caafeebf543c32c9373632c04f748353.tar.gz txr-44b66777caafeebf543c32c9373632c04f748353.tar.bz2 txr-44b66777caafeebf543c32c9373632c04f748353.zip | |
hashing: overhaul part 1.
Hashing of buffers and character strings is being replaced
with a seedable hash, providing a tool against denial of
service attacks against hash tables.
This commit lays most of the groundwork: most of the internal
interface changes, and a new hashing implementation. What is
missing is the mechanisms to do the seeding.
* hash.c (struct hash_ops): Hash operation now takes a seed
argument of type ucnum.
(struct hash): New member, seed.
(hash_str_limit): Default value changed to INT_MAX.
A short value opens the gateway to an obvious collision attack
whereby strings sharing the same 128 character prefix are
entered into the same hash table, which will defeat any
seedings strategy.
(randbox): New static array. Values come from the Kazlib hash
module, but are not used in exactly the same way.
(hash_c_str, hash_buf): Now take a seed argument, and are
rewritten.
(equal_hash): Takes a seed, and passes it to hash_c_str,
hash_buf and to recursive self calls.
(eql_hash_op): New static function. Adapts the eql_hash
operation, which doesn't take a seed, to the new interface
that calls for a seed.
(obj_eq_hash_op): Take a seed; ignore it.
(hash_hash_op): Take a seed, pass it down to equal_hash.
(hash_eql_ops): Wire hash functiono pointer to eql_hash_op
instead of eql_hash.
(make_hash): For now, intialize the hash's seed to zero.
(make_similar_hash): Copy original hash's seed.
(gethash_c, gethash_e, remhash): Pass hash table's seed to
the hashing function.
(hash_equal): Pass a seed of zero to equal_hash for now;
this function will soon acquire an optional parameter for the
seed.
* hash.h (equal_hash): Declaration updated.
* lib.c (cobj_handle_hash_op): Take seed argument, pass down.
* lib.h (cobj_ops): Hash operation now takes seed.
(cobj_eq_hash_op, cobj_handle_hash_op): Declarations updated.
* struct.c (struct_inst_hash): Take seed argument, pass down.
* tests/009/json.expected: Updated, because the hash table
included in this output is now printed in a different order.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/009/json.expected | 92 |
1 files changed, 47 insertions, 45 deletions
diff --git a/tests/009/json.expected b/tests/009/json.expected index 8c3fc4c6..6330a595 100644 --- a/tests/009/json.expected +++ b/tests/009/json.expected @@ -1,52 +1,54 @@ -AST: #H(() ("web-app" #H(() ("servlet-mapping" #H(() ("cofaxTools" "/tools/*") ("cofaxCDS" "/") ("cofaxAdmin" "/admin/*") - ("cofaxEmail" "/cofaxutil/aemail/*") ("fileServlet" "/static/*"))) - ("servlet" #(#H(() ("servlet-class" "org.cofax.cds.CDSServlet") ("init-param" #H(() ("defaultFileTemplate" "articleTemplate.htm") ("configGlossary:installationAt" "Philadelphia, PA") - ("templateOverridePath" "") ("dataStoreLogLevel" "debug") ("searchEngineListTemplate" "forSearchEnginesList.htm") - ("dataStoreClass" "org.cofax.SqlDataStore") ("configGlossary:poweredBy" "Cofax") - ("jspFileTemplate" "articleTemplate.jsp") ("cacheTemplatesTrack" 100.0) - ("cacheTemplatesStore" 50.0) ("templateProcessorClass" "org.cofax.WysiwygTemplate") - ("dataStoreUser" "sa") ("redirectionClass" "org.cofax.SqlRedirection") - ("dataStoreConnUsageLimit" 100.0) ("dataStoreMaxConns" 100.0) - ("jspListTemplate" "listTemplate.jsp") ("useJSP" :false) ("configGlossary:poweredByIcon" "/images/cofax.gif") - ("templateLoaderClass" "org.cofax.FilesTemplateLoader") ("cacheTemplatesRefresh" 15.0) - ("cachePagesDirtyRead" 10.0) ("searchEngineRobotsDb" "WEB-INF/robots.db") - ("cachePagesStore" 100.0) ("dataStoreTestQuery" "SET NOCOUNT ON;select test='test';") - ("configGlossary:adminEmail" "ksm@pobox.com") ("configGlossary:staticPath" "/content/static") - ("dataStoreInitConns" 10.0) ("cachePagesTrack" 200.0) ("dataStorePassword" "dataStoreTestQuery") - ("defaultListTemplate" "listTemplate.htm") ("dataStoreLogFile" "/usr/local/tomcat/logs/datastore.log") - ("maxUrlLength" 500.0) ("dataStoreDriver" "com.microsoft.jdbc.sqlserver.SQLServerDriver") - ("dataStoreName" "cofax") ("cachePackageTagsRefresh" 60.0) ("templatePath" "templates") - ("dataStoreUrl" "jdbc:microsoft:sqlserver://LOCALHOST:1433;DatabaseName=goon") - ("useDataStore" :true) ("cachePackageTagsTrack" 200.0) ("searchEngineFileTemplate" "forSearchEngines.htm") - ("cachePackageTagsStore" 200.0) ("cachePagesRefresh" 10.0))) - ("servlet-name" "cofaxCDS")) - #H(() ("servlet-class" "org.cofax.cds.EmailServlet") ("init-param" #H(() ("mailHost" "mail1") ("mailHostOverride" "mail2"))) - ("servlet-name" "cofaxEmail")) - #H(() ("servlet-class" "org.cofax.cds.AdminServlet") ("servlet-name" "cofaxAdmin")) - #H(() ("servlet-class" "org.cofax.cds.FileServlet") ("servlet-name" "fileServlet")) - #H(() ("servlet-class" "org.cofax.cms.CofaxToolsServlet") ("init-param" #H(() ("lookInContext" 1.0) ("removePageCache" "/content/admin/remove?cache=pages&id=") - ("logMaxSize" "") ("dataLogMaxSize" "") ("removeTemplateCache" "/content/admin/remove?cache=templates&id=") - ("dataLog" 1.0) ("logLocation" "/usr/local/tomcat/logs/CofaxTools.log") - ("log" 1.0) ("adminGroupID" 4.0) ("templatePath" "toolstemplates/") - ("betaServer" :true) ("dataLogLocation" "/usr/local/tomcat/logs/dataLog.log") - ("fileTransferFolder" "/usr/local/tomcat/webapps/content/fileTransferFolder"))) - ("servlet-name" "cofaxTools")))) - ("taglib" #H(() ("taglib-uri" "cofax.tld") ("taglib-location" "/WEB-INF/tlds/cofax.tld")))))) +AST: #H(() ("web-app" #H(() ("servlet" #(#H(() ("servlet-name" "cofaxCDS") ("servlet-class" "org.cofax.cds.CDSServlet") + ("init-param" #H(() ("dataStoreName" "cofax") ("cachePagesRefresh" 10.0) ("defaultListTemplate" "listTemplate.htm") + ("useJSP" :false) ("cachePagesDirtyRead" 10.0) ("useDataStore" :true) + ("cachePagesTrack" 200.0) ("dataStoreMaxConns" 100.0) ("cachePackageTagsStore" 200.0) + ("configGlossary:poweredBy" "Cofax") ("dataStoreInitConns" 10.0) + ("dataStorePassword" "dataStoreTestQuery") ("templateLoaderClass" "org.cofax.FilesTemplateLoader") + ("configGlossary:poweredByIcon" "/images/cofax.gif") ("dataStoreTestQuery" "SET NOCOUNT ON;select test='test';") + ("dataStoreConnUsageLimit" 100.0) ("dataStoreUrl" "jdbc:microsoft:sqlserver://LOCALHOST:1433;DatabaseName=goon") + ("redirectionClass" "org.cofax.SqlRedirection") ("dataStoreUser" "sa") + ("jspListTemplate" "listTemplate.jsp") ("configGlossary:adminEmail" "ksm@pobox.com") + ("cacheTemplatesTrack" 100.0) ("defaultFileTemplate" "articleTemplate.htm") + ("templateOverridePath" "") ("cachePagesStore" 100.0) ("templatePath" "templates") + ("configGlossary:installationAt" "Philadelphia, PA") ("dataStoreClass" "org.cofax.SqlDataStore") + ("cachePackageTagsTrack" 200.0) ("jspFileTemplate" "articleTemplate.jsp") + ("dataStoreLogFile" "/usr/local/tomcat/logs/datastore.log") ("cacheTemplatesRefresh" 15.0) + ("cacheTemplatesStore" 50.0) ("searchEngineRobotsDb" "WEB-INF/robots.db") + ("templateProcessorClass" "org.cofax.WysiwygTemplate") ("dataStoreDriver" "com.microsoft.jdbc.sqlserver.SQLServerDriver") + ("dataStoreLogLevel" "debug") ("cachePackageTagsRefresh" 60.0) + ("configGlossary:staticPath" "/content/static") ("maxUrlLength" 500.0) + ("searchEngineFileTemplate" "forSearchEngines.htm") ("searchEngineListTemplate" "forSearchEnginesList.htm")))) + #H(() ("servlet-name" "cofaxEmail") ("servlet-class" "org.cofax.cds.EmailServlet") + ("init-param" #H(() ("mailHost" "mail1") ("mailHostOverride" "mail2")))) + #H(() ("servlet-name" "cofaxAdmin") ("servlet-class" "org.cofax.cds.AdminServlet")) + #H(() ("servlet-name" "fileServlet") ("servlet-class" "org.cofax.cds.FileServlet")) + #H(() ("servlet-name" "cofaxTools") ("servlet-class" "org.cofax.cms.CofaxToolsServlet") + ("init-param" #H(() ("adminGroupID" 4.0) ("fileTransferFolder" "/usr/local/tomcat/webapps/content/fileTransferFolder") + ("lookInContext" 1.0) ("dataLogMaxSize" "") ("removePageCache" "/content/admin/remove?cache=pages&id=") + ("dataLogLocation" "/usr/local/tomcat/logs/dataLog.log") ("logMaxSize" "") + ("betaServer" :true) ("logLocation" "/usr/local/tomcat/logs/CofaxTools.log") + ("removeTemplateCache" "/content/admin/remove?cache=templates&id=") + ("templatePath" "toolstemplates/") ("dataLog" 1.0) ("log" 1.0)))))) + ("taglib" #H(() ("taglib-uri" "cofax.tld") ("taglib-location" "/WEB-INF/tlds/cofax.tld"))) + ("servlet-mapping" #H(() ("cofaxAdmin" "/admin/*") ("cofaxCDS" "/") ("fileServlet" "/static/*") + ("cofaxEmail" "/cofaxutil/aemail/*") ("cofaxTools" "/tools/*")))))) Unmatched junk: "" AST: #("JSON Test Pattern pass1" #H(() ("object with 1 member" #("array with 1 element"))) - #H(()) #() -42.0 :true :false :null #H(() ("" 2.3456789012e76) ("digit" "0123456789") ("\\/\\\\\"쫾몾ꮘﳞ볚\b\f\n\r\t`1~!@#$%^&*()_+-=[]{}|;:',./<>?" "A key can be any string") - ("null" :null) ("one" 1.0) ("E" 1.23456789e34) ("special" "`1~!@#$%^&*()_+-={':[,]}|;.</>?") - ("e" 1.23456789e-13) ("comment" "// /* <!-- --") ("# -- --> */" " ") - ("real" -9876.54321) ("backslash" "\\\\") ("array" #()) ("url" "http://www.JSON.org/") - ("zero" 0.0) ("false" :false) ("space" " ") ("slash" "/ & \\/") - ("address" "50 St. James Street") ("compact" #(1.0 2.0 3.0 4.0 5.0 6.0 7.0)) - ("object" #H(())) ("quote" "\"") ("jsontext" "{\"object with 1 member\":[\"array with 1 element\"]}") - ("true" :true) ("integer" 1234567890.0) ("ALPHA" "ABCDEFGHIJKLMNOPQRSTUVWYZ") - ("quotes" "" \" %22 0x22 034 "") ("hex" "ģ䕧覫췯ꯍ") - ("0123456789" "digit") ("controls" "\b\f\n\r\t") ("alpha" "abcdefghijklmnopqrstuvwyz") - (" s p a c e d " #(1.0 2.0 3.0 4.0 5.0 6.0 7.0))) + #H(()) #() -42.0 :true :false :null #H(() ("compact" #(1.0 2.0 3.0 4.0 5.0 6.0 7.0)) ("quotes" "" \" %22 0x22 034 "") + ("object" #H(())) ("0123456789" "digit") ("" 2.3456789012e76) + ("ALPHA" "ABCDEFGHIJKLMNOPQRSTUVWYZ") ("digit" "0123456789") + ("quote" "\"") (" s p a c e d " #(1.0 2.0 3.0 4.0 5.0 6.0 7.0)) + ("one" 1.0) ("alpha" "abcdefghijklmnopqrstuvwyz") ("E" 1.23456789e34) + ("comment" "// /* <!-- --") ("special" "`1~!@#$%^&*()_+-={':[,]}|;.</>?") + ("url" "http://www.JSON.org/") ("null" :null) ("hex" "ģ䕧覫췯ꯍ") + ("controls" "\b\f\n\r\t") ("address" "50 St. James Street") ("# -- --> */" " ") + ("\\/\\\\\"쫾몾ꮘﳞ볚\b\f\n\r\t`1~!@#$%^&*()_+-=[]{}|;:',./<>?" "A key can be any string") + ("space" " ") ("e" 1.23456789e-13) ("real" -9876.54321) ("array" #()) + ("jsontext" "{\"object with 1 member\":[\"array with 1 element\"]}") + ("zero" 0.0) ("false" :false) ("slash" "/ & \\/") ("integer" 1234567890.0) + ("backslash" "\\\\") ("true" :true)) 0.5 98.6 99.44 1066.0 10.0 1.0 0.1 1.0 2.0 2.0 "rosebud") Unmatched junk: "" |