organicmaps/libexpat
13
Fork 0
mirror of https://github.com/libexpat/libexpat.git synced 2025-04-10 15:01:12 +00:00
Code Issues 1 Projects Releases Wiki Activity Actions

replace loadlibrary.c and RtlGenRandom call with rand_s() on windows

Browse source 
Signed-off-by: David Loffredo <loffredo@steptools.com>
This commit is contained in:
David Loffredo 2019-08-07 19:43:38 +02:00 committed by Sebastian Pipping
parent c5a2867de1
commit 5d34a708e7
12 changed files with 3 additions and 189 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
expat/CMakeLists.txt
View file

@ -175,7 +175,6 @@ if(WIN32)
endif(WIN32)
set(expat_SRCS
lib/loadlibrary.c
lib/xmlparse.c
lib/xmlrole.c
lib/xmltok.c

1
expat/lib/Makefile.am
View file

@ -40,7 +40,6 @@ libexpat_la_LDFLAGS = \
-version-info @LIBCURRENT@:@LIBREVISION@:@LIBAGE@
libexpat_la_SOURCES = \
loadlibrary.c \
xmlparse.c \
xmltok.c \
xmlrole.c

1
expat/lib/expat.vcxproj
View file

@ -148,7 +148,6 @@
<CustomBuild Include="libexpat.def" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="loadlibrary.c" />
<ClCompile Include="xmlparse.c">
<ExceptionHandling Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
</ExceptionHandling>

3
expat/lib/expat.vcxproj.filters
View file

@ -15,9 +15,6 @@
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="loadlibrary.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="xmlparse.c">
<Filter>Source Files</Filter>
</ClCompile>

1
expat/lib/expat_static.vcxproj
View file

@ -121,7 +121,6 @@
</Lib>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="loadlibrary.c" />
<ClCompile Include="xmlparse.c" />
<ClCompile Include="xmlrole.c" />
<ClCompile Include="xmltok.c" />

3
expat/lib/expat_static.vcxproj.filters
View file

@ -11,9 +11,6 @@
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="loadlibrary.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="xmlparse.c">
<Filter>Source Files</Filter>
</ClCompile>

1
expat/lib/expatw.vcxproj
View file

@ -148,7 +148,6 @@
<CustomBuild Include="libexpatw.def" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="loadlibrary.c" />
<ClCompile Include="xmlparse.c">
<ExceptionHandling Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
</ExceptionHandling>

3
expat/lib/expatw.vcxproj.filters
View file

@ -15,9 +15,6 @@
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="loadlibrary.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="xmlparse.c">
<Filter>Source Files</Filter>
</ClCompile>

1
expat/lib/expatw_static.vcxproj
View file

@ -121,7 +121,6 @@
</Lib>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="loadlibrary.c" />
<ClCompile Include="xmlparse.c" />
<ClCompile Include="xmlrole.c" />
<ClCompile Include="xmltok.c" />

3
expat/lib/expatw_static.vcxproj.filters
View file

@ -11,9 +11,6 @@
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="loadlibrary.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="xmlparse.c">
<Filter>Source Files</Filter>
</ClCompile>

138
expat/lib/loadlibrary.c
View file

@ -1,138 +0,0 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2016 - 2017, Steve Holme, <steve_holme@hotmail.com>.
* Copyright (C) 2017, Expat development team
*
* All rights reserved.
* Licensed under the MIT license:
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF
* THIRD PARTY RIGHTS. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
* LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
* CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH
* THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* Except as contained in this notice, the name of a copyright holder shall
* not be used in advertising or otherwise to promote the sale, use or other
* dealings in this Software without prior written authorization of the
* copyright holder.
*
***************************************************************************/
#if defined(_WIN32)
# include <windows.h>
# include <tchar.h>
HMODULE _Expat_LoadLibrary(LPCTSTR filename);
# if ! defined(LOAD_WITH_ALTERED_SEARCH_PATH)
# define LOAD_WITH_ALTERED_SEARCH_PATH 0x00000008
# endif
# if ! defined(LOAD_LIBRARY_SEARCH_SYSTEM32)
# define LOAD_LIBRARY_SEARCH_SYSTEM32 0x00000800
# endif
/* We use our own typedef here since some headers might lack these */
typedef HMODULE(APIENTRY *LOADLIBRARYEX_FN)(LPCTSTR, HANDLE, DWORD);
/* See function definitions in winbase.h */
# ifdef UNICODE
# ifdef _WIN32_WCE
# define LOADLIBARYEX L"LoadLibraryExW"
# else
# define LOADLIBARYEX "LoadLibraryExW"
# endif
# else
# define LOADLIBARYEX "LoadLibraryExA"
# endif
/*
* _Expat_LoadLibrary()
*
* This is used to dynamically load DLLs using the most secure method available
* for the version of Windows that we are running on.
*
* Parameters:
*
* filename [in] - The filename or full path of the DLL to load. If only the
* filename is passed then the DLL will be loaded from the
* Windows system directory.
*
* Returns the handle of the module on success; otherwise NULL.
*/
HMODULE
_Expat_LoadLibrary(LPCTSTR filename) {
HMODULE hModule = NULL;
LOADLIBRARYEX_FN pLoadLibraryEx = NULL;
/* Get a handle to kernel32 so we can access it's functions at runtime */
HMODULE hKernel32 = GetModuleHandle(TEXT("kernel32"));
if (! hKernel32)
return NULL; /* LCOV_EXCL_LINE */
/* Attempt to find LoadLibraryEx() which is only available on Windows 2000
and above */
pLoadLibraryEx = (LOADLIBRARYEX_FN)GetProcAddress(hKernel32, LOADLIBARYEX);
/* Detect if there's already a path in the filename and load the library if
there is. Note: Both back slashes and forward slashes have been supported
since the earlier days of DOS at an API level although they are not
supported by command prompt */
if (_tcspbrk(filename, TEXT("\\/"))) {
/** !checksrc! disable BANNEDFUNC 1 **/
hModule = pLoadLibraryEx ? pLoadLibraryEx(filename, NULL,
LOAD_WITH_ALTERED_SEARCH_PATH)
: LoadLibrary(filename);
}
/* Detect if KB2533623 is installed, as LOAD_LIBARY_SEARCH_SYSTEM32 is only
supported on Windows Vista, Windows Server 2008, Windows 7 and Windows
Server 2008 R2 with this patch or natively on Windows 8 and above */
else if (pLoadLibraryEx && GetProcAddress(hKernel32, "AddDllDirectory")) {
/* Load the DLL from the Windows system directory */
hModule = pLoadLibraryEx(filename, NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
} else {
/* Attempt to get the Windows system path */
UINT systemdirlen = GetSystemDirectory(NULL, 0);
if (systemdirlen) {
/* Allocate space for the full DLL path (Room for the null terminator
is included in systemdirlen) */
size_t filenamelen = _tcslen(filename);
TCHAR *path = malloc(sizeof(TCHAR) * (systemdirlen + 1 + filenamelen));
if (path && GetSystemDirectory(path, systemdirlen)) {
/* Calculate the full DLL path */
_tcscpy(path + _tcslen(path), TEXT("\\"));
_tcscpy(path + _tcslen(path), filename);
/* Load the DLL from the Windows system directory */
/** !checksrc! disable BANNEDFUNC 1 **/
hModule = pLoadLibraryEx ? pLoadLibraryEx(path, NULL,
LOAD_WITH_ALTERED_SEARCH_PATH)
: LoadLibrary(path);
}
free(path);
}
}
return hModule;
}
#else /* defined(_WIN32) */
/* ISO C requires a translation unit to contain at least one declaration
[-Wempty-translation-unit] */
typedef int _TRANSLATION_UNIT_LOAD_LIBRARY_C_NOT_EMTPY;
#endif /* defined(_WIN32) */

36
expat/lib/xmlparse.c
View file

@ -104,7 +104,7 @@
* libbsd (arc4random_buf): HAVE_ARC4RANDOM_BUF + HAVE_LIBBSD, \
* libbsd (arc4random): HAVE_ARC4RANDOM + HAVE_LIBBSD, \
* Linux / BSD / macOS (/dev/urandom): XML_DEV_URANDOM \
* Windows (RtlGenRandom): _WIN32. \
* Windows (rand_s): _WIN32. \
\
If insist on not using any of these, bypass this error by defining \
XML_POOR_ENTROPY; you have been warned. \
@ -758,36 +758,6 @@ writeRandomBytes_rand_s(void *target, size_t count) {
return 1; /* success */
}
typedef BOOLEAN(APIENTRY *RTLGENRANDOM_FUNC)(PVOID, ULONG);
HMODULE _Expat_LoadLibrary(LPCTSTR filename); /* see loadlibrary.c */
/* Obtain entropy on Windows XP / Windows Server 2003 and later.
* Hint on RtlGenRandom and the following article from libsodium.
*
* Michael Howard: Cryptographically Secure Random number on Windows without
* using CryptoAPI
* https://blogs.msdn.microsoft.com/michael_howard/2005/01/14/cryptographically-secure-random-number-on-windows-without-using-cryptoapi/
*/
static int
writeRandomBytes_RtlGenRandom(void *target, size_t count) {
int success = 0; /* full count bytes written? */
const HMODULE advapi32 = _Expat_LoadLibrary(TEXT("ADVAPI32.DLL"));
if (advapi32) {
const RTLGENRANDOM_FUNC RtlGenRandom
= (RTLGENRANDOM_FUNC)GetProcAddress(advapi32, "SystemFunction036");
if (RtlGenRandom) {
if (RtlGenRandom((PVOID)target, (ULONG)count) == TRUE) {
success = 1;
}
}
FreeLibrary(advapi32);
}
return success;
}
#endif /* _WIN32 */
#if ! defined(HAVE_ARC4RANDOM_BUF) && ! defined(HAVE_ARC4RANDOM)
@ -842,8 +812,8 @@ generate_hash_secret_salt(XML_Parser parser) {
#else
/* Try high quality providers first .. */
# ifdef _WIN32
if (writeRandomBytes_RtlGenRandom((void *)&entropy, sizeof(entropy))) {
return ENTROPY_DEBUG("RtlGenRandom", entropy);
if (writeRandomBytes_rand_s((void *)&entropy, sizeof(entropy))) {
return ENTROPY_DEBUG("rand_s", entropy);
}
# elif defined(HAVE_GETRANDOM) || defined(HAVE_SYSCALL_GETRANDOM)
if (writeRandomBytes_getrandom_nonblock((void *)&entropy, sizeof(entropy))) {