An gano wani rauni (CVE-3-2022) a cikin aiwatar da aikin SHA-37454 (Keccak) aikin hash cryptographic wanda aka bayar a cikin kunshin XKCP (eXtended Keccak Code Package), wanda zai iya haifar da buffer ambaliya lokacin sarrafa wasu bayanai. Matsalar tana faruwa ne ta hanyar kwaro a cikin lambar takamaiman aiwatar da SHA-3, kuma ba ta hanyar rauni a cikin algorithm kanta ba. Kunshin XKCP ana ɗaukarsa azaman aiwatar da hukuma na SHA-3, wanda aka haɓaka tare da shigarwa daga ƙungiyar ci gaban Keccak, kuma ana amfani dashi azaman tushen ayyukan SHA-3 a cikin harsunan shirye-shirye daban-daban (misali, ana amfani da lambar XKCP a cikin Python hashlib. module, da Ruby digest kunshin sha3 da PHP hash_* ayyuka).
A cewar mai binciken wanda ya gano matsalar, ya sami damar yin amfani da raunin da ya faru don keta bayanan sirrin aikin hash tare da gano yanayin farko da na biyu, da kuma gano karon juna. Bugu da ƙari, an sanar da cewa za a ƙirƙiri wani samfur na amfani wanda zai ba da damar aiwatar da lamba yayin ƙididdige hash na fayil ɗin da aka kera na musamman. Hakanan ana iya amfani da raunin don kai hari ga algorithms tabbatar da sa hannu na dijital waɗanda ke amfani da SHA-3 (misali, Ed448). Ana shirin buga cikakkun bayanai kan hanyoyin kai harin daga baya, bayan an kawar da rauni a ko'ina.
Har yanzu ba a bayyana nawa raunin da ya shafi aikace-aikacen da ke akwai a aikace ba, tunda don matsalar ta bayyana kanta a cikin lambar, dole ne a yi amfani da lissafin hash na cyclic a cikin tubalan kuma ɗayan tubalan da aka sarrafa dole ne ya kasance kusan 4 GB a girman (aƙalla. 2^32 - 200 bytes). Lokacin sarrafa bayanan shigarwa lokaci ɗaya (ba tare da ƙididdige ƙididdiga ba a sassa), matsalar ba ta bayyana ba. A matsayin hanya mafi sauƙi na kariya, an ba da shawarar don iyakance iyakar girman bayanan da ke cikin juzu'i ɗaya na lissafin hash.
Rashin lahani yana faruwa ta hanyar kuskure a toshe sarrafa bayanan shigarwa. Saboda kwatancen dabi'u marasa kuskure tare da nau'in "int", an ƙayyade girman girman bayanan da ba daidai ba, wanda ke haifar da rubuta wutsiya fiye da abin da aka keɓe. Musamman, kwatancen yayi amfani da kalmar "partialBlock + misali->byteIOIndex", wanda ya haifar da ambaliya ga manyan ƙima na sassan sassan. Bugu da ƙari, akwai nau'in simintin simintin da ba daidai ba "(wanda ba a sanya hannu ba) (dataByteLen - i)" a cikin lambar, wanda ya haifar da ambaliya akan tsarin tare da nau'in 64-bit size_t.
Misalin lambar da ke haifar da ambaliya: shigo da hashlib h = hashlib.sha3_224 () m1 = b"\x00" * 1; m2 = b"\x00″ * 4294967295; h.update(m1) h.update(m2) bugawa (h.hexdigest())
source: budenet.ru