Ib qho yooj yim (CVE-3-2022) tau raug txheeb xyuas hauv kev siv SHA-37454 (Keccak) cryptographic hash muaj nuj nqi muaj nyob rau hauv pob XKCP (eXtended Keccak Code Package), uas tuaj yeem ua rau muaj qhov tsis txaus thaum ua haujlwm ntawm qee yam. formatted cov ntaub ntawv. Qhov teeb meem yog tshwm sim los ntawm kab laum nyob rau hauv txoj cai ntawm ib qho kev siv ntawm SHA-3, thiab tsis yog los ntawm qhov tsis zoo nyob rau hauv lub algorithm nws tus kheej. Lub pob XKCP yog touted raws li kev siv ntawm SHA-3, tsim nrog cov tswv yim los ntawm Keccak pab pawg txhim kho, thiab siv los ua lub hauv paus rau SHA-3 ua haujlwm hauv ntau hom lus programming (xws li, XKCP code yog siv hauv Python hashlib module, Ruby digest pob sha3 thiab PHP hash_* ua haujlwm).
Raws li tus kws tshawb fawb uas tau txheeb xyuas qhov teeb meem, nws muaj peev xwm siv qhov tsis zoo los ua txhaum cov khoom siv cryptographic ntawm hash muaj nuj nqi thiab nrhiav thawj zaug thiab thib ob preimages, nrog rau kuaj pom kev sib tsoo. Tsis tas li ntawd, nws tau tshaj tawm tias tus qauv siv tus qauv yuav raug tsim uas yuav tso cai rau cov lej ua tiav thaum xam cov hash ntawm cov ntaub ntawv tsim tshwj xeeb. Qhov tsis zoo kuj tseem tuaj yeem siv los tua cov cim kos npe pov thawj algorithms uas siv SHA-3 (piv txwv li, Ed448). Cov ntsiab lus ntawm txoj kev tawm tsam tau npaj yuav tshaj tawm tom qab, tom qab qhov kev pheej hmoo raug tshem tawm txhua qhov chaw.
Nws tseem tsis tau meej meej npaum li cas qhov kev pheej hmoo cuam tshuam rau cov ntawv thov uas twb muaj lawm hauv kev xyaum, vim tias qhov teeb meem tshwm sim nws tus kheej hauv cov cai, kev suav lej ntawm cov lej yuav tsum tau siv thiab ib qho ntawm cov txheej txheem ua tiav yuav tsum yog li 4 GB hauv qhov loj me (tsawg kawg. 2^32 - 200 bytes). Thaum ua cov ntaub ntawv tawm tswv yim ib zaug (tsis suav cov hash hauv ntu), qhov teeb meem tsis tshwm sim. Raws li txoj kev yooj yim tshaj plaws ntawm kev tiv thaiv, nws tau thov kom txwv qhov siab tshaj plaws ntawm cov ntaub ntawv koom nrog hauv ib qho iteration ntawm hash xam.
Qhov tsis zoo yog tshwm sim los ntawm kev ua yuam kev hauv kev thaiv cov ntaub ntawv nkag. Vim tsis yog qhov sib piv ntawm qhov tseem ceeb nrog hom "int", qhov tsis raug qhov loj ntawm cov ntaub ntawv tseem tab tom txiav txim, uas ua rau tus Tsov tus tw tau sau dhau qhov kev faib tsis tau. Hauv particular, qhov kev sib piv siv cov lus qhia "partialBlock + piv txwv->byteIOIndex", uas coj mus rau integer overflow rau cov nqi loj ntawm cov khoom siv. Tsis tas li ntawd, muaj ib qho tsis raug hom cam "(unsigned int)(dataByteLen - i)" nyob rau hauv cov cai, uas ua rau ib tug overflow ntawm systems nrog 64-ntsis size_t hom.
Piv txwv li code uas ua rau overflow: import hashlib h = hashlib.sha3_224() m1 = b"\x00" * 1; m2 = b"\x00" * 4294967295; h.update(m1) h.update(m2) print(h.hexdigest())
Tau qhov twg los: opennet.ru