commit 64e36901a0614bf64a19bc3396469c66dcd0b015
author Michael Clark <michael@metaparadigm.com> Wed Apr 09 13:48:21 2014 +0800
committer Michael Clark <michael@metaparadigm.com> Wed Apr 09 13:48:21 2014 +0800
tree 8a897e095b59db5c6e089866ba2b075cd0d3f60a
parent 784534a31f301466d9ab6f8d5b5ccd39a3b9f156

Patch to address the following issues:

* CVE-2013-6371: hash collision denial of service
* CVE-2013-6370: buffer overflow if size_t is larger than int

configure.ac

diff --git a/configure.ac b/configure.ac
index 6ad10ad..48c8e5f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -7,6 +7,20 @@
 
 AC_PROG_MAKE_SET
 
+AC_ARG_ENABLE(rdrand,
+ AS_HELP_STRING([--enable-rdrand],
+   [Enable RDRAND Hardware RNG Hash Seed generation on supported x86/x64 platforms.]),
+[if test x$enableval = xyes; then
+  enable_rdrand=yes
+  AC_DEFINE(ENABLE_RDRAND, 1, [Enable RDRANR Hardware RNG Hash Seed])
+fi])
+
+if test "x$enable_rdrand" = "xyes"; then
+  AC_MSG_RESULT([RDRAND Hardware RNG Hash Seed enabled on supported x86/x64 platforms])
+else
+  AC_MSG_RESULT([RDRAND Hardware RNG Hash Seed disabled. Use --enable-rdrand to enable])
+fi
+
 # Checks for programs.
 
 # Checks for libraries.
@@ -16,7 +30,7 @@
 AC_CONFIG_HEADER(config.h)
 AC_CONFIG_HEADER(json_config.h)
 AC_HEADER_STDC
-AC_CHECK_HEADERS(fcntl.h limits.h strings.h syslog.h unistd.h [sys/cdefs.h] [sys/param.h] stdarg.h locale.h)
+AC_CHECK_HEADERS(fcntl.h limits.h strings.h syslog.h unistd.h [sys/cdefs.h] [sys/param.h] stdarg.h locale.h endian.h)
 AC_CHECK_HEADER(inttypes.h,[AC_DEFINE([JSON_C_HAVE_INTTYPES_H],[1],[Public define for json_inttypes.h])])
 
 # Checks for typedefs, structures, and compiler characteristics.