Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • D dbus
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 262
    • Issues 262
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 33
    • Merge requests 33
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • dbusdbus
  • dbus
  • Repository
Switch branch/tag
  • dbus
  • bus
  • config-loader-expat.c
Find file BlameHistoryPermalink
  • Simon McVittie's avatar
    config-loader-expat: Tell Expat not to defend against hash collisions · 8d8b5eb8
    Simon McVittie authored Jul 21, 2017
    By default, Expat uses cryptographic-quality random numbers as a salt for
    its hash algorithm, and since 2.2.1 it gets them from the getrandom
    syscall on Linux. That syscall refuses to return any entropy until the
    kernel's CSPRNG (random pool) has been initialized. Unfortunately, this
    can take as long as 40 seconds on embedded devices with few entropy
    sources, which is too long: if the system dbus-daemon blocks for that
    length of time, important D-Bus clients like systemd and systemd-logind
    time out and fail to connect to it.
    
    We're parsing small configuration files here, and we trust them
    completely, so we don't need to defend against hash collisions: nobody
    is going to be crafting them to cause pathological performance.
    
    Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101858
    
    
    Tested-by: default avatarChristopher Hewitt <hewitt@ieee.org>
    [smcv: Adjust build-system changes for 1.11.x]
    Signed-off-by: default avatarSimon McVittie <smcv@debian.org>
    Reviewed-by: Philip Withnall's avatarPhilip Withnall <withnall@endlessm.com>
    8d8b5eb8