Fixes Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash table internal to the pyexpat module's copy of the expat library to avoid a denial of service due to hash collisions. Patch by David Malcolm with some modifications by the expat project.

commit: c8ff46032f2290ef848aea9485d376dc156347bd [log] [tgz]
author: Gregory P. Smith <greg@krypto.org> Wed Mar 14 15:28:10 2012 -0700
committer: Gregory P. Smith <greg@krypto.org> Wed Mar 14 15:28:10 2012 -0700
tree: 2b202a90f3eacd23cfa10de65e34892c4806e0f4
parent: f590e0458edd040efd08ec1cfc006a934d386ecd [diff] [blame]
diff --git a/Modules/pyexpat.c b/Modules/pyexpat.c
index 3d04ca8..3cbe81c 100644
--- a/Modules/pyexpat.c
+++ b/Modules/pyexpat.c

@@ -1302,6 +1302,8 @@
     else {
         self->itself = XML_ParserCreate(encoding);
     }
+    XML_SetHashSalt(self->itself,
+                    (unsigned long)_Py_HashSecret.prefix);
     self->intern = intern;
     Py_XINCREF(self->intern);
 #ifdef Py_TPFLAGS_HAVE_GC
commit	c8ff46032f2290ef848aea9485d376dc156347bd	[log] [tgz]
author	Gregory P. Smith <greg@krypto.org>	Wed Mar 14 15:28:10 2012 -0700
committer	Gregory P. Smith <greg@krypto.org>	Wed Mar 14 15:28:10 2012 -0700
tree	2b202a90f3eacd23cfa10de65e34892c4806e0f4
parent	f590e0458edd040efd08ec1cfc006a934d386ecd [diff] [blame]