Imported Upstream version 4.3.2.467

Former-commit-id: 9c2cb47f45fa221e661ab616387c9cda183f283d
This commit is contained in:
Xamarin Public Jenkins
2016-02-22 11:00:01 -05:00
parent f302175246
commit f3e3aab35a
4097 changed files with 122406 additions and 82300 deletions

View File

@@ -70,7 +70,7 @@ namespace System.Web.Configuration {
return (o != null && StringUtil.EqualsIgnoreCase(Extension, o.Extension) && Type == o.Type);
}
public override int GetHashCode() {
return HashCodeCombiner.CombineHashCodes(Extension.ToLower(CultureInfo.InvariantCulture).GetHashCode(),
return HashCodeCombiner.CombineHashCodes(StringUtil.GetNonRandomizedHashCode(Extension.ToLower(CultureInfo.InvariantCulture)),
Type.GetHashCode());
}

View File

@@ -61,7 +61,7 @@ namespace System.Web.Configuration {
return (o != null && StringUtil.EqualsIgnoreCase(Name, o.Name) && Type == o.Type);
}
public override int GetHashCode() {
return HashCodeCombiner.CombineHashCodes(Name.ToLower(CultureInfo.InvariantCulture).GetHashCode(),
return HashCodeCombiner.CombineHashCodes(StringUtil.GetNonRandomizedHashCode(Name.ToLower(CultureInfo.InvariantCulture)),
Type.GetHashCode());
}

View File

@@ -404,7 +404,8 @@ namespace System.Web.Configuration {
return null;
}
Regex regex = new Regex("\\.NET CLR (?'clrVersion'[0-9\\.]*)");
// Adding timeout for Regex in case of malicious UA string causing DoS
Regex regex = RegexUtil.CreateRegex("\\.NET CLR (?'clrVersion'[0-9\\.]*)", RegexOptions.None);
MatchCollection matches = regex.Matches(ua);
if (matches.Count == 0) {

View File

@@ -106,8 +106,8 @@ namespace System.Web.Configuration
internal byte[] ValidationKeyInternal { get { RuntimeDataInitialize(); return (byte[])_ValidationKey.Clone(); } }
internal byte[] DecryptionKeyInternal { get { RuntimeDataInitialize(); return (byte[])_DecryptionKey.Clone(); } }
internal static int HashSize { get { s_config.RuntimeDataInitialize(); return _HashSize; } }
internal static int ValidationKeySize { get { s_config.RuntimeDataInitialize(); return _AutoGenValidationKeySize; } }
internal static int HashSize { get { EnsureConfig(); s_config.RuntimeDataInitialize(); return _HashSize; } }
internal static int ValidationKeySize { get { EnsureConfig(); s_config.RuntimeDataInitialize(); return _AutoGenValidationKeySize; } }
static MachineKeySection()
{
@@ -369,7 +369,7 @@ namespace System.Web.Configuration
}
if (fAppSpecific)
{
int dwCode = StringComparer.InvariantCultureIgnoreCase.GetHashCode( appName );
int dwCode = StringUtil.GetNonRandomizedStringComparerHashCode(appName);
_ValidationKey[0] = (byte)(dwCode & 0xff);
_ValidationKey[1] = (byte)((dwCode & 0xff00) >> 8);
_ValidationKey[2] = (byte)((dwCode & 0xff0000) >> 16);
@@ -377,7 +377,7 @@ namespace System.Web.Configuration
}
if (fAppIdSpecific)
{
int dwCode = StringComparer.InvariantCultureIgnoreCase.GetHashCode( appId );
int dwCode = StringUtil.GetNonRandomizedStringComparerHashCode(appId);
_ValidationKey[4] = (byte)(dwCode & 0xff);
_ValidationKey[5] = (byte)((dwCode & 0xff00) >> 8);
_ValidationKey[6] = (byte)((dwCode & 0xff0000) >> 16);
@@ -425,7 +425,7 @@ namespace System.Web.Configuration
}
if (fAppSpecific)
{
int dwCode = StringComparer.InvariantCultureIgnoreCase.GetHashCode(appName);
int dwCode = StringUtil.GetNonRandomizedStringComparerHashCode(appName);
_DecryptionKey[0] = (byte)(dwCode & 0xff);
_DecryptionKey[1] = (byte)((dwCode & 0xff00) >> 8);
_DecryptionKey[2] = (byte)((dwCode & 0xff0000) >> 16);
@@ -433,7 +433,7 @@ namespace System.Web.Configuration
}
if (fAppIdSpecific)
{
int dwCode = StringComparer.InvariantCultureIgnoreCase.GetHashCode(appId);
int dwCode = StringUtil.GetNonRandomizedStringComparerHashCode(appId);
_DecryptionKey[4] = (byte)(dwCode & 0xff);
_DecryptionKey[5] = (byte)((dwCode & 0xff00) >> 8);
_DecryptionKey[6] = (byte)((dwCode & 0xff0000) >> 16);

View File

@@ -48,6 +48,7 @@ namespace System.Web.Configuration {
minRequiredPasswordLength="int" The minimum number of characters required in a password
minRequiredNonAlphanumericCharacters="int" The minimum number of non-alphanumeric characters that are required in a password
passwordStrengthRegularExpression="string" The regular expression used to test the password strength
passwordStrengthRegexTimeout="int" The timeout in milliseconds for the regex we use to check password strength
-->
<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15" >
@@ -60,6 +61,7 @@ namespace System.Web.Configuration {
minRequiredPasswordLength="7"
minRequireNonAlphanumericCharacters="1"
passwordStrengthRegularExpression=""
passwordStrengthRegexTimeout="2000"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"

View File

@@ -88,7 +88,8 @@ namespace System.Web.Configuration {
target = String.Empty;
}
Regex regex = new Regex(regexExpression, RegexOptions.ExplicitCapture);
// Adding timeout for Regex in case of malicious string causing DoS
Regex regex = RegexUtil.CreateRegex(regexExpression, RegexOptions.ExplicitCapture);
Match match = regex.Match(target);
if(match.Success == false) {
return false;

View File

@@ -59,7 +59,6 @@ namespace System.Web.Configuration {
// For config implemented with IConfigurationSectionHandler, this
// may return null, non-null, or throw an exception.
//
[System.Runtime.TargetedPatchingOptOut("Performance critical to inline across NGen image boundaries")]
static internal RuntimeConfig GetConfig(HttpContext context) {
if (!HttpConfigurationSystem.UseHttpConfigurationSystem) {
return GetClientRuntimeConfig();
@@ -359,7 +358,6 @@ namespace System.Web.Configuration {
}
internal PagesSection Pages {
[System.Runtime.TargetedPatchingOptOut("Performance critical to inline across NGen image boundaries")]
get {
return (PagesSection) GetSection("system.web/pages", typeof(PagesSection), ResultsIndex.Pages);
}

View File

@@ -9,4 +9,4 @@ namespace System.Web.Configuration {
Framework20 = 0,
Framework40 = 1,
}
}
}