Vulnerability in SQLite that allows remote attacks on Chrome via WebSQL

Security researchers from the Chinese company Tencent have presented a new variant of the Magellan vulnerability (CVE-2019-13734), which allows code execution when a specially crafted SQL construct is processed in the SQLite DBMS. A similar vulnerability was published by the same researchers a year ago. The vulnerability is notable because it allows a remote attack on the Chrome browser and lets the attacker gain control of the user's system when the user opens web pages controlled by the attacker.

The attack on Chrome/Chromium is carried out through the WebSQL API, whose handler is based on SQLite code. An attack on other applications is possible only if they allow SQL constructs coming from outside to be passed to SQLite, for example when they use SQLite as a data exchange format. Firefox is not vulnerable because Mozilla declined to implement WebSQL in favor of the IndexedDB API.

Google fixed the problem in the Chrome 79 release. In the SQLite codebase the problem was fixed on November 17, and in the Chromium codebase on November 21.
The problem is present in the code of the FTS3 full-text search engine, and through manipulation of shadow tables (a special kind of table that can be written to) it can lead to corruption and a buffer overflow. Detailed information about the exploitation technique will be published after 90 days.

A new SQLite release with the fix has not yet been published (expected December 31). As a security workaround, starting with SQLite 3.26.0 the SQLITE_DBCONFIG_DEFENSIVE mode can be used, which prohibits writes to shadow tables and is recommended to be enabled when processing external SQL queries in SQLite. In distributions, the vulnerability in the SQLite library remains unfixed in Debian, Ubuntu, RHEL, openSUSE / SUSE, Arch Linux, Fedora, FreeBSD. Chromium has already been updated in all distributions and is not affected by the vulnerability, but the problem may affect some third-party browsers and applications that use the Chromium engine, as well as Android applications based on WebView.

In addition, 4 less dangerous problems were also identified in SQLite (CVE-2019-13750, CVE-2019-13751, CVE-2019-13752, CVE-2019-13753), which can lead to information leaks and bypassing of restrictions (they can be used as contributing factors in an attack on Chrome). These issues were fixed in the SQLite code on December 13. Taken together, the problems allowed the researchers to prepare a working exploit that allows code execution in the context of the Chromium process responsible for rendering.

source: budenet.ru
