
Hashtbl is vulnerable to collision-based DOS attack (CVE-2012-0839) #5572

Closed
vicuna opened this issue Apr 3, 2012 · 2 comments

commented Apr 3, 2012

Original bug ID: 5572
Reporter: @xavierleroy
Assigned to: @xavierleroy
Status: closed (set by @xavierleroy on 2013-08-31T10:49:03Z)
Resolution: fixed
Priority: normal
Severity: major
Version: 3.12.1
Target version: 4.00.0+dev
Fixed in version: 4.00.0+dev
Category: standard library
Monitored by: @glondu

Bug description

This PR is intended to document vulnerability CVE-2012-0839 and its resolution.

Summary: up to OCaml 3.12.1 included, hash tables as implemented by the Hashtbl stdlib module use a fixed hash function. This opens the way to a denial-of-service attack on Web-facing and other security-sensitive applications, whereby the attacker sends a series of requests crafted to cause many collisions in a hash table and therefore slow down the application.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0839
https://bugzilla.redhat.com/show_bug.cgi?id=787888
https://bugzilla.redhat.com/show_bug.cgi?id=770929

@vicuna

commented Apr 3, 2012

Comment author: @xavierleroy

The new hash table implementation (commit r11056), integrated in SVN trunk and in 4.00 branch, already supports diversification of hash tables via a randomly-chosen seed. However, the API doesn't make it easy enough to turn randomization on. I am currently revising the API.

@vicuna

commented Apr 19, 2012

Comment author: @xavierleroy

Fixed in 4.00 branch (commit 12383) and in trunk (12384).

For the record, the resolution is as follows:

  • Added an optional parameter "~random" to Hashtbl.create. If "~random:true" is given, the table uses a randomly-generated seed to diversify the hash function and make collisions hard to predict. If "~random:false" is given, the table uses a fixed hash function.
  • If no ~random parameter is given, the default is "false" (no randomization). This default can be changed to "true" by either calling "Hashtbl.randomize()" at program initialization time, or setting the "R" parameter in the OCAMLRUNPARAM environment variable before program start-up.

The net effect is to keep hash tables deterministic by default (for backward compatibility), but make it very easy to select randomization, either programmatically or via a run-time parameter.
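An added example (not code from this issue or from the OCaml distribution) that exercises the options described in the resolution above and measures how evenly keys are spread over buckets; it assumes OCaml 4.00 or later, where `Hashtbl.create ~random`, `Hashtbl.randomize`, `Hashtbl.is_randomized`, `Hashtbl.stats` and `Hashtbl.seeded_hash` are all available, and uses constructed keys rather than real request data.

```ocaml
(* Added example, not from the issue or the OCaml stdlib.
   Assumes OCaml >= 4.00 (the release that shipped this fix). *)

(* Longest bucket chain relative to the average load.  A ratio far above 1
   means many keys share one chain and lookups degrade toward O(n), which is
   exactly the condition a collision-based DoS tries to provoke. *)
let skew tbl =
  let s = Hashtbl.stats tbl in
  let avg =
    float_of_int s.Hashtbl.num_bindings
    /. float_of_int (max 1 s.Hashtbl.num_buckets)
  in
  float_of_int s.Hashtbl.max_bucket_length /. max 1.0 avg

(* Constructed sample keys standing in for request parameter names. *)
let fill tbl n =
  for i = 0 to n - 1 do
    Hashtbl.replace tbl (Printf.sprintf "param%06d" i) ()
  done

let report name tbl =
  let s = Hashtbl.stats tbl in
  Printf.printf "%-8s bindings=%d buckets=%d longest chain=%d skew=%.2f\n"
    name s.Hashtbl.num_bindings s.Hashtbl.num_buckets
    s.Hashtbl.max_bucket_length (skew tbl)

let () =
  (* Same key set, fixed hash function vs. per-table random seed. *)
  let fixed  = Hashtbl.create ~random:false 16 in
  let seeded = Hashtbl.create ~random:true 16 in
  fill fixed 20_000;
  fill seeded 20_000;
  report "fixed" fixed;
  report "seeded" seeded;
  (* The same key hashes differently under different seeds, so a key set
     precomputed to collide under one seed does not collide under another. *)
  Printf.printf "seed 0: %d   seed 1: %d\n"
    (Hashtbl.seeded_hash 0 "param000000")
    (Hashtbl.seeded_hash 1 "param000000");
  (* Opt the whole program in, the programmatic equivalent of setting the
     "R" flag in OCAMLRUNPARAM: tables created afterwards without an
     explicit ~random argument get a random seed. *)
  Hashtbl.randomize ();
  Printf.printf "randomized by default: %b\n" (Hashtbl.is_randomized ())
```

Running the compiled program as `OCAMLRUNPARAM=R ./prog` makes `Hashtbl.is_randomized ()` report `true` before `Hashtbl.randomize ()` is ever called, which is the run-time route the resolution describes.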

@vicuna vicuna closed this Aug 31, 2013

@vicuna vicuna added the stdlib label Mar 14, 2019

@vicuna vicuna added this to the 4.00.0 milestone Mar 14, 2019

@vicuna vicuna added the bug label Mar 20, 2019
