develooper Front page | perl.perl5.porters | Postings from November 2003

Re: perl-5.8.0-attack.gz

Thread Previous | Thread Next
From:
Scott A Crosby
Date:
November 1, 2003 19:28
Subject:
Re: perl-5.8.0-attack.gz
Message ID:
oyd8ymz4fg8.fsf@bert.cs.rice.edu
On Sat, 01 Nov 2003 17:39:36 -0800, Stas Bekman <stas@stason.org> writes:
> Scott A Crosby wrote:

> Hash of all strings in your original input always returns 0. So it
> always ends up in slot 0, even when split is performed. Due to a bug
> in hv.h (see below), it was returning 0 regardless of PERL_HASH_SEED
> value.
> 

Ok. I think it would be useful to have two test-files for tests that
can check the hash-randomization triggers and PERL_HASH_SEED code. I
offer a file that collides with PERL_HASH_SEED=193 in addition to the
original file that required PERL_HASH_SEED=0. If you want any other
test files for PERL_HASH_SEED=??? (or more test data), please reply.


PERL_HASH_SEED=193, hash value = 56919753

luvhlusiqymutgmqluvhlusi
lfjvwlhextbqdqxmucyyluie
azotoiokuaccwopfsnbadxvf
dpffhbtvizjwgbwxiugesnzf
eolsjqmndpffhbtvnveymbxa
zrvpvwlmwojwptllnkhjvbco
ucyyluietpyrxzbaazotoiok
wojwptllqjoiahffrthxzhkj
zwuszcchxtbqdqxmlfjvwlhe
azotoiokqymutgmqldvbbbjh
tftphnqqwybaifxjnkhjvbco
adaokzmxdpffhbtvxtbqdqxm
wojwptllldvbbbjhwojwptll
nveymbxaeolsjqmniugesnzf
xtbqdqxmizjwgbwxluvhlusi
uzuuhudptftphnqqlfjvwlhe
ldvbbbjhuzuuhudpzrvpvwlm
zuvlgvhdawnycxirlfjvwlhe
qymutgmqbpowxafqdubrmqpo
fcjkjigydpffhbtveolsjqmn
lfjvwlherthxzhkjeolsjqmn
idrrovimluvhlusifcjkjigy
izjwgbwxbpowxafqeolsjqmn
uzuuhudpwktwbidaldvbbbjh
zjheimsfxkfovmeywktwbida
zjheimsfyuzuvrxieolnorhg
nhhybyttwybaifxjnmeoyqla


There is also the original file with  

PERL_HASH_SEED=0, hash value = 0

beoppifufkqidvqyqdazlxxp
bheuoalpnwtftrcnnwtftrcn
benniefupmuzbpmhtxrmfxhd
beoppifugkcdnowoiwzmsjwx
bheuoalpnwtftrcnqnprevxm
bxifmbwvgkcdnowocrphalzb
bheuoalptwekfzccfkqidvqy
bheyppdltwekfzccupychihz
benniefutgxvpmncwyslhhzw
benniefupwbstdmsvrrimcvp
beoppifubenniefugbuocxbt
bheuoalpqnprevxmcrphalzb
bheuoalpjevvfjsfcdsuauht
bheyppdlfwlfnorpjeozrmvb
benniefujlomraaitgxvpmnc
benniefuwozdgnjznwtjqhgn
beoppifutsljwgxtgzpjjakt
bheyppdljeozrmvbfhbalgiw
benniefutbwofcgpupychihz
bheyppdlbheyppdllpvzqpqq
beoppifufhbalgiwvcakywsm
benniefubeoppifugbuocxbt
bheyppdlfwlfnorptgxvpmnc
benniefucrphalzbgkcdnowo
bheuoalpgkcdnowojptanaai
benniefupmuzbpmhcdsuauht
bheuoalpiwzmsjwxjwnieayi

Lets hope that these will expose any bugs like that found below.

Scott

> > For each hash seed, a new input file must be custom generated to
> > attack it. The file on my website was designed to attack '0', the file
> > pasted above was designed to attack a seed of 193. From your email, I
> > thought you might want it. I have not released the program that
> > generates such input.
> 
> I know why your input didn't work for seed 193, Scott. Nick, you
> forgot to update hv.h. It works
> 
> 
> --- hv.h.orig   2003-11-01 17:33:55.000000000 -0800
> +++ hv.h        2003-11-01 17:34:09.000000000 -0800
> @@ -68,7 +68,7 @@
>    */
>   #ifndef PERL_HASH_SEED
>   #   if defined(USE_HASH_SEED) || defined(USE_HASH_SEED_EXPLICIT)
> -#       define PERL_HASH_SEED  PL_hash_seed
> +#       define PERL_HASH_SEED  PL_new_hash_seed
>   #   else
>   #       define PERL_HASH_SEED  0
>   #   endif
> 

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About