Vulnerability in the library with the main implementation of the SHA-3 algorithm

A vulnerability (CVE-2022-37454) has been identified in the implementation of the SHA-3 (Keccak) cryptographic hash function offered in the XKCP package (eXtended Keccak Code Package), which can lead to a buffer overflow when processing certain data. The problem is caused by an error in the code of this particular SHA-3 implementation, not by a weakness in the algorithm itself. The XKCP package is presented as the official implementation of SHA-3, is developed with the participation of the Keccak development team, and serves as the basis for SHA-3 functions in various programming languages (for example, XKCP code is used in the Python hashlib module, the Ruby digest-sha3 package and the PHP hash_* functions).

According to the researcher who identified the problem, he was able to use the vulnerability to violate the cryptographic properties of the hash function and find first and second preimages, as well as collisions. In addition, it was announced that a prototype exploit would be created that allows code execution when computing the hash of a specially crafted file. The vulnerability could also be used to attack digital signature verification algorithms that use SHA-3 (for example, Ed448). Details of the attack methods are planned to be published later, once the vulnerability has been fixed everywhere.

It is not yet clear how much the vulnerability affects existing applications in practice, because for the problem to appear the code must compute the hash incrementally in blocks, and one of the processed blocks must be about 4 GB in size (at least 2^32 - 200 bytes). When the input is processed in one go (without computing the hash sequentially in parts), the problem does not appear. As the simplest protection method, it is suggested to limit the maximum size of the data involved in a single iteration of the hash computation.

The vulnerability is caused by an error in the block-wise processing of input data. Because of an incorrect comparison of values of type "int", the wrong size is determined for the data waiting to be processed, which leads to the tail being written beyond the allocated buffer. In particular, the comparison used the expression "partialBlock + instance->byteIOIndex", which resulted in an integer overflow when its components had large values. In addition, the code contained an incorrect type cast "(unsigned int)(dataByteLen - i)", which caused an overflow on systems with a 64-bit size_t type.

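Example of code that triggers the overflow:

    import hashlib

    h = hashlib.sha3_224()
    m1 = b"\x00" * 1           # first update leaves one byte in the block buffer
    m2 = b"\x00" * 4294967295  # second update is 2^32 - 1 bytes
    h.update(m1)
    h.update(m2)               # overflows in unpatched builds
    print(h.hexdigest())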
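
The length check described above, modelled in C as an added example (not XKCP's code and not from the article). The function names are hypothetical, the 32-bit model is simplified, and the shape of the hardened comparison is an assumption; it copies no data and only computes how many bytes each version would decide to copy.

```c
#include <stdint.h>
#include <stdio.h>

#define RATE_SHA3_224 144u /* SHA3-224 rate in bytes (1152 bits) */

/* Pre-fix logic as the article describes it (simplified model, names are
 * hypothetical): the remaining length is cast to 32 bits, then the sum with
 * byteIOIndex is compared in 32-bit arithmetic. */
static uint32_t partial_block_vulnerable(uint64_t remaining, uint32_t byteIOIndex,
                                         uint32_t rateInBytes)
{
    uint32_t partialBlock = (uint32_t)remaining;  /* truncating cast */
    if (partialBlock + byteIOIndex > rateInBytes) /* sum can wrap past 2^32 */
        partialBlock = rateInBytes - byteIOIndex;
    return partialBlock; /* bytes that would be copied into the block buffer */
}

/* Hardened form (assumed shape): compare at full width, with no addition. */
static uint32_t partial_block_fixed(uint64_t remaining, uint32_t byteIOIndex,
                                    uint32_t rateInBytes)
{
    uint32_t room = rateInBytes - byteIOIndex; /* requires byteIOIndex <= rate */
    return remaining > room ? room : (uint32_t)remaining;
}

/* Mitigation from the article: with every update capped at `cap` bytes, the
 * old and new logic agree at every buffer position for the sampled lengths.
 * Returns 1 if they agree, 0 otherwise. */
static int agree_below_cap(uint64_t cap, uint32_t rateInBytes)
{
    for (uint32_t idx = 0; idx < rateInBytes; idx++)
        for (uint64_t len = 0; len <= cap; len += (len < 512 ? 1 : 4099))
            if (partial_block_vulnerable(len, idx, rateInBytes) !=
                partial_block_fixed(len, idx, rateInBytes))
                return 0;
    return 1;
}

int main(void)
{
    /* One byte already buffered, then a 4294967295-byte update. */
    printf("vulnerable: %u bytes\n", (unsigned)partial_block_vulnerable(4294967295ULL, 1, RATE_SHA3_224));
    printf("fixed:      %u bytes\n", (unsigned)partial_block_fixed(4294967295ULL, 1, RATE_SHA3_224));
    printf("agree under 1 MiB cap: %d\n", agree_below_cap(1u << 20, RATE_SHA3_224));
    return 0;
}
```

In the model, the wrapped sum passes the check and leaves a copy length of 4294967295 bytes where only 143 bytes of room remain in the 144-byte block.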

Source: opennet.ru
