packages/cups
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cups/CVE-2018-4300.patch
overweight bd15159fbe Package init
2019-09-30 10:36:23 -04:00

21 lines
801 B
Diff
Raw Blame History

--- a/cgi-bin/var.c 2013-06-07 09:12:52.000000000 +0800
+++ b/cgi-bin/var.c 2019-04-20 18:23:17.835000000 +0800
@@ -1222,6 +1222,7 @@ cgi_set_sid(void)
*server_name, /* SERVER_NAME */
*server_port; /* SERVER_PORT */
+ struct timeval curtime; /* Current time */
if ((remote_addr = getenv("REMOTE_ADDR")) == NULL)
remote_addr = "REMOTE_ADDR";
@@ -1230,7 +1231,8 @@ cgi_set_sid(void)
if ((server_port = getenv("SERVER_PORT")) == NULL)
server_port = "SERVER_PORT";
- CUPS_SRAND(time(NULL));
+ gettimeofday(&curtime, NULL);
+ CUPS_SRAND(curtime.tv_sec + curtime.tv_usec);
snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X",
remote_addr, server_name, server_port,
(unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,
Reference in New Issue View Git Blame Copy Permalink