We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
@markus2330 wrote: src/libs/ease/hash.c produces collisions in scenarios like key = "keyvalue", value = "" vs. key = "key" and value = "value".
Expected behavior: With different KeySet the sha256 should be different, especially the ones which are only slightly different.
@qwepoizt wrote: This was noticed by @markus2330 in #4047 (comment) .
I.e. the following test case fails, because string1 is equal to string2 even though the two should be different:
string1
string2
/** * Test whether streaming API is aware of character order. */ static void test_streaming_aware_of_order (void) { // Initialize sha_256 for streaming uint8_t hash1[SIZE_OF_SHA_256_HASH]; struct Sha_256 sha_256_1; sha_256_init (&sha_256_1, hash1); const char * key = "key"; const char * value = "value"; sha_256_write (&sha_256_1, key, strlen(key)); sha_256_write (&sha_256_1, value, strlen(value)); sha_256_close (&sha_256_1); char string1[65]; hash_to_string (string1, hash1); // Reinitialize sha_256 for streaming uint8_t hash2[SIZE_OF_SHA_256_HASH]; struct Sha_256 sha_256_2; sha_256_init (&sha_256_2, hash2); const char * keyvalue = "keyvalue"; sha_256_write (&sha_256_2, keyvalue, strlen(keyvalue)); sha_256_close (&sha_256_2); char string2[65]; hash_to_string (string2, hash2); succeed_if (strcmp(string1, string2) == 0, "streaming API of sha_256 is not aware of order!"); }
The text was updated successfully, but these errors were encountered:
b17c8c2
core: fix hashing collisions in streaming token by including NULL ter…
d931a4d
…minators Fixes ElektraInitiative#4110 Added tests to detect this issue as well as changed existing tests so they with the newly generated hashes
lawli3t
No branches or pull requests
@markus2330 wrote:
src/libs/ease/hash.c produces collisions in scenarios like key = "keyvalue", value = "" vs. key = "key" and value = "value".
Expected behavior: With different KeySet the sha256 should be different, especially the ones which are only slightly different.
@qwepoizt wrote:
This was noticed by @markus2330 in #4047 (comment) .
I.e. the following test case fails, because
string1
is equal tostring2
even though the two should be different:System Information
The text was updated successfully, but these errors were encountered: