public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "felix-gcc at fefe dot de" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug libstdc++/55815] New: switch hash function of libstdc++ hash tables to siphash Date: Wed, 26 Dec 2012 21:39:00 -0000 [thread overview] Message-ID: <bug-55815-4@http.gcc.gnu.org/bugzilla/> (raw) http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55815 Bug #: 55815 Summary: switch hash function of libstdc++ hash tables to siphash Classification: Unclassified Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: libstdc++ AssignedTo: unassigned@gcc.gnu.org ReportedBy: felix-gcc@fefe.de Hash functions traditionally used by language runtimes for hash tables do not assume that input values will be chosen maliciously to cause collisions and degrade performance. This has become a published attack vector on internet facing hash tables as used in, for example, web services or even memory cache code in front of a database or so. libsupc++ implements the Murmur hash, which was specifically targeted in a recent paper attacking hash functions. See https://131002.net/siphash/ for the attack code that produces collisions in Murmur2 and Murmur3. libsupc++ should switch the hash function to siphash, the function proposed by the authors of this attack. The same bug should be filed against other user facing hash table implementations in gcc. I can think of Java and Go, but there might be others. It may even make sense to replace the hash code gcc itself uses, as there are now web pages where you can paste code and see which code gcc generates for it, turning this problem into a security issue if someone pastes code with colliding symbols to exploit this problem.
next reply other threads:[~2012-12-26 21:39 UTC|newest] Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top 2012-12-26 21:39 felix-gcc at fefe dot de [this message] 2013-01-05 13:29 ` [Bug libstdc++/55815] " redi at gcc dot gnu.org 2013-01-05 14:35 ` redi at gcc dot gnu.org 2013-01-05 14:48 ` paolo.carlini at oracle dot com 2015-09-22 22:11 ` gpike at google dot com 2015-09-23 2:08 ` felix-glibc at fefe dot de 2015-09-23 3:29 ` miyuki at gcc dot gnu.org 2015-09-23 9:56 ` redi at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-55815-4@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).