Patch to address the following issues:

* CVE-2013-6371: hash collision denial of service * CVE-2013-6370: buffer overflow if size_t is larger than int
11 years ago · 64e36901a0
--- a/Makefile.am
+++ b/Makefile.am
@@ -23,7 +23,8 @@ libjson_cinclude_HEADERS = \
 	json_tokener.h \
 	json_util.h \
 	linkhash.h \
 	printbuf.h
 	printbuf.h \
 	random_seed.h

 #libjsonx_includedir = $(libdir)/json-c-@VERSION@
 #
@@ -41,7 +42,8 @@ libjson_c_la_SOURCES = \
 	json_tokener.c \
 	json_util.c \
 	linkhash.c \
 	printbuf.c
 	printbuf.c \
 	random_seed.c


 distclean-local:
--- a/Makefile.am.inc
+++ b/Makefile.am.inc
@@ -1,2 +1,2 @@
 AM_CFLAGS = -Wall -Werror -Wextra -Wwrite-strings -Wno-unused-parameter -std=gnu99 -D_GNU_SOURCE -D_REENTRANT
 AM_CFLAGS = -Wall -Werror -Wno-error=deprecated-declarations -Wextra -Wwrite-strings -Wno-unused-parameter -std=gnu99 -D_GNU_SOURCE -D_REENTRANT

--- a/config.h.in
+++ b/config.h.in
@@ -1,5 +1,8 @@
 /* config.h.in.  Generated from configure.ac by autoheader.  */

 /* Enable RDRANR Hardware RNG Hash Seed */
 #undef ENABLE_RDRAND

 /* Define if .gnu.warning accepts long strings. */
 #undef HAS_GNU_WARNING_LONG

@@ -32,6 +35,9 @@
 /* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */
 #undef HAVE_DOPRNT

 /* Define to 1 if you have the <endian.h> header file. */
 #undef HAVE_ENDIAN_H

 /* Define to 1 if you have the <fcntl.h> header file. */
 #undef HAVE_FCNTL_H

--- a/configure.ac
+++ b/configure.ac
@@ -7,6 +7,20 @@ AM_INIT_AUTOMAKE

 AC_PROG_MAKE_SET

 AC_ARG_ENABLE(rdrand,
 AS_HELP_STRING([--enable-rdrand],
   [Enable RDRAND Hardware RNG Hash Seed generation on supported x86/x64 platforms.]),
 [if test x$enableval = xyes; then
  enable_rdrand=yes
  AC_DEFINE(ENABLE_RDRAND, 1, [Enable RDRANR Hardware RNG Hash Seed])
 fi])

 if test "x$enable_rdrand" = "xyes"; then
  AC_MSG_RESULT([RDRAND Hardware RNG Hash Seed enabled on supported x86/x64 platforms])
 else
  AC_MSG_RESULT([RDRAND Hardware RNG Hash Seed disabled. Use --enable-rdrand to enable])
 fi

 # Checks for programs.

 # Checks for libraries.
@@ -16,7 +30,7 @@ AM_PROG_CC_C_O
 AC_CONFIG_HEADER(config.h)
 AC_CONFIG_HEADER(json_config.h)
 AC_HEADER_STDC
 AC_CHECK_HEADERS(fcntl.h limits.h strings.h syslog.h unistd.h [sys/cdefs.h] [sys/param.h] stdarg.h locale.h)
 AC_CHECK_HEADERS(fcntl.h limits.h strings.h syslog.h unistd.h [sys/cdefs.h] [sys/param.h] stdarg.h locale.h endian.h)
 AC_CHECK_HEADER(inttypes.h,[AC_DEFINE([JSON_C_HAVE_INTTYPES_H],[1],[Public define for json_inttypes.h])])

 # Checks for typedefs, structures, and compiler characteristics.
--- a/json_object.h
+++ b/json_object.h
@@ -13,6 +13,14 @@
 #ifndef _json_object_h_
 #define _json_object_h_

 #ifdef __GNUC__
 #define THIS_FUNCTION_IS_DEPRECATED(func) func __attribute__ ((deprecated))
 #elif defined(_MSC_VER)
 #define THIS_FUNCTION_IS_DEPRECATED(func) __declspec(deprecated) func
 #else
 #define THIS_FUNCTION_IS_DEPRECATED(func) func
 #endif

 #include "json_inttypes.h"

 #ifdef __cplusplus
@@ -279,8 +287,8 @@ extern void json_object_object_add(struct json_object* obj, const char *key,
 * @returns the json_object associated with the given field name
 * @deprecated Please use json_object_object_get_ex
 */
 extern struct json_object* json_object_object_get(struct json_object* obj,
 						  const char *key);
 THIS_FUNCTION_IS_DEPRECATED(extern struct json_object* json_object_object_get(struct json_object* obj,
 						  const char *key));

 /** Get the json_object associated with a given object field.  
 *
--- a/json_tokener.c
+++ b/json_tokener.c
@@ -81,6 +81,7 @@ static const char* json_tokener_errors[] = {
  "object value separator ',' expected",
  "invalid string sequence",
  "expected comment",
  "buffer size overflow"
 };

 const char *json_tokener_error_desc(enum json_tokener_error jerr)
@@ -243,6 +244,16 @@ struct json_object* json_tokener_parse_ex(struct json_tokener *tok,
  tok->char_offset = 0;
  tok->err = json_tokener_success;

  /* this interface is presently not 64-bit clean due to the int len argument
     and the internal printbuf interface that takes 32-bit int len arguments
     so the function limits the maximum string size to INT32_MAX (2GB).
     If the function is called with len == -1 then strlen is called to check
     the string length is less than INT32_MAX (2GB) */
  if ((len < -1) || (len == -1 && strlen(str) > INT32_MAX)) {
    tok->err = json_tokener_error_size;
    return NULL;
  }

  while (PEEK_CHAR(c, tok)) {

  redo_char:
--- a/json_tokener.h
+++ b/json_tokener.h
@@ -33,7 +33,8 @@ enum json_tokener_error {
  json_tokener_error_parse_object_key_sep,
  json_tokener_error_parse_object_value_sep,
  json_tokener_error_parse_string,
  json_tokener_error_parse_comment
  json_tokener_error_parse_comment,
  json_tokener_error_size
 };

 enum json_tokener_state {
@@ -163,6 +164,11 @@ extern void json_tokener_set_flags(struct json_tokener *tok, int flags);
 * responsible for calling json_tokener_parse_ex with an appropriate str
 * parameter starting with the extra characters.
 *
 * This interface is presently not 64-bit clean due to the int len argument
 * so the function limits the maximum string size to INT32_MAX (2GB).
 * If the function is called with len == -1 then strlen is called to check
 * the string length is less than INT32_MAX (2GB)
 *
 * Example:
 * @code
 json_object *jobj = NULL;
--- a/linkhash.c
+++ b/linkhash.c
@@ -17,6 +17,11 @@
 #include <stddef.h>
 #include <limits.h>

 #ifdef HAVE_ENDIAN_H
 # include <endian.h>    /* attempt to define endianness */
 #endif

 #include "random_seed.h"
 #include "linkhash.h"

 void lh_abort(const char *msg, ...)
@@ -39,14 +44,378 @@ int lh_ptr_equal(const void *k1, const void *k2)
 	return (k1 == k2);
 }

 /* 
 * hashlittle from lookup3.c, by Bob Jenkins, May 2006, Public Domain.
 * http://burtleburtle.net/bob/c/lookup3.c
 * minor modifications to make functions static so no symbols are exported
 * minor mofifications to compile with -Werror
 */

 /*
 -------------------------------------------------------------------------------
 lookup3.c, by Bob Jenkins, May 2006, Public Domain.

 These are functions for producing 32-bit hashes for hash table lookup.
 hashword(), hashlittle(), hashlittle2(), hashbig(), mix(), and final() 
 are externally useful functions.  Routines to test the hash are included 
 if SELF_TEST is defined.  You can use this free for any purpose.  It's in
 the public domain.  It has no warranty.

 You probably want to use hashlittle().  hashlittle() and hashbig()
 hash byte arrays.  hashlittle() is is faster than hashbig() on
 little-endian machines.  Intel and AMD are little-endian machines.
 On second thought, you probably want hashlittle2(), which is identical to
 hashlittle() except it returns two 32-bit hashes for the price of one.  
 You could implement hashbig2() if you wanted but I haven't bothered here.

 If you want to find a hash of, say, exactly 7 integers, do
  a = i1;  b = i2;  c = i3;
  mix(a,b,c);
  a += i4; b += i5; c += i6;
  mix(a,b,c);
  a += i7;
  final(a,b,c);
 then use c as the hash value.  If you have a variable length array of
 4-byte integers to hash, use hashword().  If you have a byte array (like
 a character string), use hashlittle().  If you have several byte arrays, or
 a mix of things, see the comments above hashlittle().  

 Why is this so big?  I read 12 bytes at a time into 3 4-byte integers, 
 then mix those integers.  This is fast (you can do a lot more thorough
 mixing with 12*3 instructions on 3 integers than you can with 3 instructions
 on 1 byte), but shoehorning those bytes into integers efficiently is messy.
 -------------------------------------------------------------------------------
 */

 /*
 * My best guess at if you are big-endian or little-endian.  This may
 * need adjustment.
 */
 #if (defined(__BYTE_ORDER) && defined(__LITTLE_ENDIAN) && \
     __BYTE_ORDER == __LITTLE_ENDIAN) || \
    (defined(i386) || defined(__i386__) || defined(__i486__) || \
     defined(__i586__) || defined(__i686__) || defined(vax) || defined(MIPSEL))
 # define HASH_LITTLE_ENDIAN 1
 # define HASH_BIG_ENDIAN 0
 #elif (defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) && \
       __BYTE_ORDER == __BIG_ENDIAN) || \
      (defined(sparc) || defined(POWERPC) || defined(mc68000) || defined(sel))
 # define HASH_LITTLE_ENDIAN 0
 # define HASH_BIG_ENDIAN 1
 #else
 # define HASH_LITTLE_ENDIAN 0
 # define HASH_BIG_ENDIAN 0
 #endif

 #define hashsize(n) ((uint32_t)1<<(n))
 #define hashmask(n) (hashsize(n)-1)
 #define rot(x,k) (((x)<<(k)) | ((x)>>(32-(k))))

 /*
 -------------------------------------------------------------------------------
 mix -- mix 3 32-bit values reversibly.

 This is reversible, so any information in (a,b,c) before mix() is
 still in (a,b,c) after mix().

 If four pairs of (a,b,c) inputs are run through mix(), or through
 mix() in reverse, there are at least 32 bits of the output that
 are sometimes the same for one pair and different for another pair.
 This was tested for:
 * pairs that differed by one bit, by two bits, in any combination
  of top bits of (a,b,c), or in any combination of bottom bits of
  (a,b,c).
 * "differ" is defined as +, -, ^, or ~^.  For + and -, I transformed
  the output delta to a Gray code (a^(a>>1)) so a string of 1's (as
  is commonly produced by subtraction) look like a single 1-bit
  difference.
 * the base values were pseudorandom, all zero but one bit set, or 
  all zero plus a counter that starts at zero.

 Some k values for my "a-=c; a^=rot(c,k); c+=b;" arrangement that
 satisfy this are
    4  6  8 16 19  4
    9 15  3 18 27 15
   14  9  3  7 17  3
 Well, "9 15 3 18 27 15" didn't quite get 32 bits diffing
 for "differ" defined as + with a one-bit base and a two-bit delta.  I
 used http://burtleburtle.net/bob/hash/avalanche.html to choose 
 the operations, constants, and arrangements of the variables.

 This does not achieve avalanche.  There are input bits of (a,b,c)
 that fail to affect some output bits of (a,b,c), especially of a.  The
 most thoroughly mixed value is c, but it doesn't really even achieve
 avalanche in c.

 This allows some parallelism.  Read-after-writes are good at doubling
 the number of bits affected, so the goal of mixing pulls in the opposite
 direction as the goal of parallelism.  I did what I could.  Rotates
 seem to cost as much as shifts on every machine I could lay my hands
 on, and rotates are much kinder to the top and bottom bits, so I used
 rotates.
 -------------------------------------------------------------------------------
 */
 #define mix(a,b,c) \
 { \
  a -= c;  a ^= rot(c, 4);  c += b; \
  b -= a;  b ^= rot(a, 6);  a += c; \
  c -= b;  c ^= rot(b, 8);  b += a; \
  a -= c;  a ^= rot(c,16);  c += b; \
  b -= a;  b ^= rot(a,19);  a += c; \
  c -= b;  c ^= rot(b, 4);  b += a; \
 }

 /*
 -------------------------------------------------------------------------------
 final -- final mixing of 3 32-bit values (a,b,c) into c

 Pairs of (a,b,c) values differing in only a few bits will usually
 produce values of c that look totally different.  This was tested for
 * pairs that differed by one bit, by two bits, in any combination
  of top bits of (a,b,c), or in any combination of bottom bits of
  (a,b,c).
 * "differ" is defined as +, -, ^, or ~^.  For + and -, I transformed
  the output delta to a Gray code (a^(a>>1)) so a string of 1's (as
  is commonly produced by subtraction) look like a single 1-bit
  difference.
 * the base values were pseudorandom, all zero but one bit set, or 
  all zero plus a counter that starts at zero.

 These constants passed:
 14 11 25 16 4 14 24
 12 14 25 16 4 14 24
 and these came close:
  4  8 15 26 3 22 24
 10  8 15 26 3 22 24
 11  8 15 26 3 22 24
 -------------------------------------------------------------------------------
 */
 #define final(a,b,c) \
 { \
  c ^= b; c -= rot(b,14); \
  a ^= c; a -= rot(c,11); \
  b ^= a; b -= rot(a,25); \
  c ^= b; c -= rot(b,16); \
  a ^= c; a -= rot(c,4);  \
  b ^= a; b -= rot(a,14); \
  c ^= b; c -= rot(b,24); \
 }


 /*
 -------------------------------------------------------------------------------
 hashlittle() -- hash a variable-length key into a 32-bit value
  k       : the key (the unaligned variable-length array of bytes)
  length  : the length of the key, counting by bytes
  initval : can be any 4-byte value
 Returns a 32-bit value.  Every bit of the key affects every bit of
 the return value.  Two keys differing by one or two bits will have
 totally different hash values.

 The best hash table sizes are powers of 2.  There is no need to do
 mod a prime (mod is sooo slow!).  If you need less than 32 bits,
 use a bitmask.  For example, if you need only 10 bits, do
  h = (h & hashmask(10));
 In which case, the hash table should have hashsize(10) elements.

 If you are hashing n strings (uint8_t **)k, do it like this:
  for (i=0, h=0; i<n; ++i) h = hashlittle( k[i], len[i], h);

 By Bob Jenkins, 2006.  bob_jenkins@burtleburtle.net.  You may use this
 code any way you wish, private, educational, or commercial.  It's free.

 Use for hash table lookup, or anything where one collision in 2^^32 is
 acceptable.  Do NOT use for cryptographic purposes.
 -------------------------------------------------------------------------------
 */

 static uint32_t hashlittle( const void *key, size_t length, uint32_t initval)
 {
  uint32_t a,b,c;                                          /* internal state */
  union { const void *ptr; size_t i; } u;     /* needed for Mac Powerbook G4 */

  /* Set up the internal state */
  a = b = c = 0xdeadbeef + ((uint32_t)length) + initval;

  u.ptr = key;
  if (HASH_LITTLE_ENDIAN && ((u.i & 0x3) == 0)) {
    const uint32_t *k = (const uint32_t *)key;         /* read 32-bit chunks */

    /*------ all but last block: aligned reads and affect 32 bits of (a,b,c) */
    while (length > 12)
    {
      a += k[0];
      b += k[1];
      c += k[2];
      mix(a,b,c);
      length -= 12;
      k += 3;
    }

    /*----------------------------- handle the last (probably partial) block */
    /* 
     * "k[2]&0xffffff" actually reads beyond the end of the string, but
     * then masks off the part it's not allowed to read.  Because the
     * string is aligned, the masked-off tail is in the same word as the
     * rest of the string.  Every machine with memory protection I've seen
     * does it on word boundaries, so is OK with this.  But VALGRIND will
     * still catch it and complain.  The masking trick does make the hash
     * noticably faster for short strings (like English words).
     */
 #ifndef VALGRIND

    switch(length)
    {
    case 12: c+=k[2]; b+=k[1]; a+=k[0]; break;
    case 11: c+=k[2]&0xffffff; b+=k[1]; a+=k[0]; break;
    case 10: c+=k[2]&0xffff; b+=k[1]; a+=k[0]; break;
    case 9 : c+=k[2]&0xff; b+=k[1]; a+=k[0]; break;
    case 8 : b+=k[1]; a+=k[0]; break;
    case 7 : b+=k[1]&0xffffff; a+=k[0]; break;
    case 6 : b+=k[1]&0xffff; a+=k[0]; break;
    case 5 : b+=k[1]&0xff; a+=k[0]; break;
    case 4 : a+=k[0]; break;
    case 3 : a+=k[0]&0xffffff; break;
    case 2 : a+=k[0]&0xffff; break;
    case 1 : a+=k[0]&0xff; break;
    case 0 : return c;              /* zero length strings require no mixing */
    }

 #else /* make valgrind happy */

    const uint8_t  *k8 = (const uint8_t *)k;
    switch(length)
    {
    case 12: c+=k[2]; b+=k[1]; a+=k[0]; break;
    case 11: c+=((uint32_t)k8[10])<<16;  /* fall through */
    case 10: c+=((uint32_t)k8[9])<<8;    /* fall through */
    case 9 : c+=k8[8];                   /* fall through */
    case 8 : b+=k[1]; a+=k[0]; break;
    case 7 : b+=((uint32_t)k8[6])<<16;   /* fall through */
    case 6 : b+=((uint32_t)k8[5])<<8;    /* fall through */
    case 5 : b+=k8[4];                   /* fall through */
    case 4 : a+=k[0]; break;
    case 3 : a+=((uint32_t)k8[2])<<16;   /* fall through */
    case 2 : a+=((uint32_t)k8[1])<<8;    /* fall through */
    case 1 : a+=k8[0]; break;
    case 0 : return c;
    }

 #endif /* !valgrind */

  } else if (HASH_LITTLE_ENDIAN && ((u.i & 0x1) == 0)) {
    const uint16_t *k = (const uint16_t *)key;         /* read 16-bit chunks */
    const uint8_t  *k8;

    /*--------------- all but last block: aligned reads and different mixing */
    while (length > 12)
    {
      a += k[0] + (((uint32_t)k[1])<<16);
      b += k[2] + (((uint32_t)k[3])<<16);
      c += k[4] + (((uint32_t)k[5])<<16);
      mix(a,b,c);
      length -= 12;
      k += 6;
    }

    /*----------------------------- handle the last (probably partial) block */
    k8 = (const uint8_t *)k;
    switch(length)
    {
    case 12: c+=k[4]+(((uint32_t)k[5])<<16);
             b+=k[2]+(((uint32_t)k[3])<<16);
             a+=k[0]+(((uint32_t)k[1])<<16);
             break;
    case 11: c+=((uint32_t)k8[10])<<16;     /* fall through */
    case 10: c+=k[4];
             b+=k[2]+(((uint32_t)k[3])<<16);
             a+=k[0]+(((uint32_t)k[1])<<16);
             break;
    case 9 : c+=k8[8];                      /* fall through */
    case 8 : b+=k[2]+(((uint32_t)k[3])<<16);
             a+=k[0]+(((uint32_t)k[1])<<16);
             break;
    case 7 : b+=((uint32_t)k8[6])<<16;      /* fall through */
    case 6 : b+=k[2];
             a+=k[0]+(((uint32_t)k[1])<<16);
             break;
    case 5 : b+=k8[4];                      /* fall through */
    case 4 : a+=k[0]+(((uint32_t)k[1])<<16);
             break;
    case 3 : a+=((uint32_t)k8[2])<<16;      /* fall through */
    case 2 : a+=k[0];
             break;
    case 1 : a+=k8[0];
             break;
    case 0 : return c;                     /* zero length requires no mixing */
    }

  } else {                        /* need to read the key one byte at a time */
    const uint8_t *k = (const uint8_t *)key;

    /*--------------- all but the last block: affect some 32 bits of (a,b,c) */
    while (length > 12)
    {
      a += k[0];
      a += ((uint32_t)k[1])<<8;
      a += ((uint32_t)k[2])<<16;
      a += ((uint32_t)k[3])<<24;
      b += k[4];
      b += ((uint32_t)k[5])<<8;
      b += ((uint32_t)k[6])<<16;
      b += ((uint32_t)k[7])<<24;
      c += k[8];
      c += ((uint32_t)k[9])<<8;
      c += ((uint32_t)k[10])<<16;
      c += ((uint32_t)k[11])<<24;
      mix(a,b,c);
      length -= 12;
      k += 12;
    }

    /*-------------------------------- last block: affect all 32 bits of (c) */
    switch(length)                   /* all the case statements fall through */
    {
    case 12: c+=((uint32_t)k[11])<<24;
    case 11: c+=((uint32_t)k[10])<<16;
    case 10: c+=((uint32_t)k[9])<<8;
    case 9 : c+=k[8];
    case 8 : b+=((uint32_t)k[7])<<24;
    case 7 : b+=((uint32_t)k[6])<<16;
    case 6 : b+=((uint32_t)k[5])<<8;
    case 5 : b+=k[4];
    case 4 : a+=((uint32_t)k[3])<<24;
    case 3 : a+=((uint32_t)k[2])<<16;
    case 2 : a+=((uint32_t)k[1])<<8;
    case 1 : a+=k[0];
             break;
    case 0 : return c;
    }
  }

  final(a,b,c);
  return c;
 }

 unsigned long lh_char_hash(const void *k)
 {
 	unsigned int h = 0;
 	const char* data = (const char*)k;
 
 	while( *data!=0 ) h = h*129 + (unsigned int)(*data++) + LH_PRIME;
 	static volatile int random_seed = -1;

 	if (random_seed == -1) {
 		int seed;
 		/* we can't use -1 as it is the unitialized sentinel */
 		while ((seed = json_c_get_random_seed()) == -1);
 #if defined __GNUC__
 		__sync_val_compare_and_swap(&random_seed, -1, seed);
 #elif defined _MSC_VER
 		InterlockedCompareExchange(&random_seed, seed, -1);
 #else
 #warning "racy random seed initializtion if used by multiple threads"
 		random_seed = seed; /* potentially racy */
 #endif
 	}

 	return h;
 	return hashlittle((const char*)k, strlen((const char*)k), random_seed); 
 }

 int lh_char_equal(const void *k1, const void *k2)
--- a/linkhash.h
+++ b/linkhash.h
@@ -246,7 +246,7 @@ extern struct lh_entry* lh_table_lookup_entry(struct lh_table *t, const void *k)
 * @return a pointer to the found value or NULL if it does not exist.
 * @deprecated Use lh_table_lookup_ex instead.
 */
 extern const void* lh_table_lookup(struct lh_table *t, const void *k);
 THIS_FUNCTION_IS_DEPRECATED(extern const void* lh_table_lookup(struct lh_table *t, const void *k));

 /**
 * Lookup a record in the table
--- a/random_seed.c
+++ b/random_seed.c
@@ -0,0 +1,237 @@
 /*
 * random_seed.c
 *
 * Copyright (c) 2013 Metaparadigm Pte. Ltd.
 * Michael Clark <michael@metaparadigm.com>
 *
 * This library is free software; you can redistribute it and/or modify
 * it under the terms of the MIT license. See COPYING for details.
 *
 */

 #include <stdio.h>
 #include "config.h"

 #define DEBUG_SEED(s)


 #if defined ENABLE_RDRAND

 /* cpuid */

 #if defined __GNUC__ && (defined __i386__ || defined __x86_64__)
 #define HAS_X86_CPUID 1

 static void do_cpuid(int regs[], int h)
 {
    __asm__ __volatile__(
 #if defined __x86_64__
                         "pushq %%rbx;\n"
 #else
                         "pushl %%ebx;\n"
 #endif
                         "cpuid;\n"
 #if defined __x86_64__
                         "popq %%rbx;\n"
 #else
                         "popl %%ebx;\n"
 #endif
                         : "=a"(regs[0]), [ebx] "=r"(regs[1]), "=c"(regs[2]), "=d"(regs[3])
                         : "a"(h));
 }

 #elif defined _MSC_VER

 #define HAS_X86_CPUID 1
 #define do_cpuid __cpuid

 #endif

 /* has_rdrand */

 #if HAS_X86_CPUID

 static int has_rdrand()
 {
    // CPUID.01H:ECX.RDRAND[bit 30] == 1
    int regs[4];
    do_cpuid(regs, 1);
    return (regs[2] & (1 << 30)) != 0;
 }

 #endif

 /* get_rdrand_seed - GCC x86 and X64 */

 #if defined __GNUC__ && (defined __i386__ || defined __x86_64__)

 #define HAVE_RDRAND 1

 static int get_rdrand_seed()
 {
    DEBUG_SEED("get_rdrand_seed");
    int _eax;
    // rdrand eax
    __asm__ __volatile__("1: .byte 0x0F\n"
                         "   .byte 0xC7\n"
                         "   .byte 0xF0\n"
                         "   jnc 1b;\n"
                         : "=a" (_eax));
    return _eax;
 }

 #endif

 #if defined _MSC_VER

 #if _MSC_VER >= 1700
 #define HAVE_RDRAND 1

 /* get_rdrand_seed - Visual Studio 2012 and above */

 static int get_rdrand_seed()
 {
    DEBUG_SEED("get_rdrand_seed");
    int r;
    while (_rdrand32_step(&r) == 0);
    return r;
 }

 #elif defined _M_IX86
 #define HAVE_RDRAND 1

 /* get_rdrand_seed - Visual Studio 2010 and below - x86 only */

 static int get_rdrand_seed()
 {
 	DEBUG_SEED("get_rdrand_seed");
 	int _eax;
 retry:
 	// rdrand eax
 	__asm _emit 0x0F __asm _emit 0xC7 __asm _emit 0xF0
 	__asm jnc retry
 	__asm mov _eax, eax
 	return _eax;
 }

 #endif
 #endif

 #endif /* defined ENABLE_RDRAND */


 /* has_dev_urandom */

 #if defined (__APPLE__) || defined(__unix__) || defined(__linux__)

 #include <string.h>
 #include <fcntl.h>
 #include <unistd.h>
 #include <errno.h>
 #include <stdlib.h>
 #include <sys/stat.h>

 #define HAVE_DEV_RANDOM 1

 static const char *dev_random_file = "/dev/urandom";

 static int has_dev_urandom()
 {
    struct stat buf;
    if (stat(dev_random_file, &buf)) {
        return 0;
    }
    return ((buf.st_mode & S_IFCHR) != 0);
 }


 /* get_dev_random_seed */

 static int get_dev_random_seed()
 {
    DEBUG_SEED("get_dev_random_seed");
    
    int fd = open(dev_random_file, O_RDONLY);
    if (fd < 0) {
        fprintf(stderr, "error opening %s: %s", dev_random_file, strerror(errno));
        exit(1);
    }
    
    int r;
    ssize_t nread = read(fd, &r, sizeof(r));
    if (nread != sizeof(r)) {
        fprintf(stderr, "error read %s: %s", dev_random_file, strerror(errno));
        exit(1);
    }
    else if (nread != sizeof(r)) {
        fprintf(stderr, "error short read %s", dev_random_file);
        exit(1);
    }
    close(fd);
    return r;
 }

 #endif


 /* get_cryptgenrandom_seed */

 #ifdef WIN32

 #define HAVE_CRYPTGENRANDOM 1

 #include <windows.h>
 #pragma comment(lib, "advapi32.lib")

 static int get_cryptgenrandom_seed()
 {
    DEBUG_SEED("get_cryptgenrandom_seed");
    
    HCRYPTPROV hProvider = 0;
    int r;
    
    if (!CryptAcquireContextW(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
        fprintf(stderr, "error CryptAcquireContextW");
        exit(1);
    }
    
    if (!CryptGenRandom(hProvider, sizeof(r), (BYTE*)&r)) {
        fprintf(stderr, "error CryptGenRandom");
        exit(1);
    }
    
    CryptReleaseContext(hProvider, 0);
    
    return r;
 }

 #endif


 /* get_time_seed */

 #include <time.h>

 static int get_time_seed()
 {
    DEBUG_SEED("get_time_seed");
    
    return (int)time(NULL) * 433494437;
 }


 /* json_c_get_random_seed */

 int json_c_get_random_seed()
 {
 #if HAVE_RDRAND
    if (has_rdrand()) return get_rdrand_seed();
 #endif
 #if HAVE_DEV_RANDOM
    if (has_dev_urandom()) return get_dev_random_seed();
 #endif
 #if HAVE_CRYPTGENRANDOM
    return get_cryptgenrandom_seed();
 #endif
    return get_time_seed();
 }
--- a/random_seed.h
+++ b/random_seed.h
@@ -0,0 +1,25 @@
 /*
 * random_seed.h
 *
 * Copyright (c) 2013 Metaparadigm Pte. Ltd.
 * Michael Clark <michael@metaparadigm.com>
 *
 * This library is free software; you can redistribute it and/or modify
 * it under the terms of the MIT license. See COPYING for details.
 *
 */

 #ifndef seed_h
 #define seed_h

 #ifdef __cplusplus
 extern "C" {
 #endif

 extern int json_c_get_random_seed();

 #ifdef __cplusplus
 }
 #endif

 #endif