Skip to content
This repository
Browse code

Use secure_compare for hmac comparison

 * Closes CVE-2013-0263
  • Loading branch information...
commit 0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07 1 parent 9a81b96
James Tucker authored February 07, 2013

Showing 1 changed file with 1 addition and 1 deletion. Show diff stats Hide diff stats

  1. 2  lib/rack/session/cookie.rb
2  lib/rack/session/cookie.rb
@@ -159,7 +159,7 @@ def destroy_session(env, session_id, options)

0 notes on commit 0cd7e9a

Tony Arcieri

Heh, funny, I looked for this vulnerability in Rails recently and saw they were using a (wonky) constant-time comparison function. Didn't think to look in Rack. Crypto is hard :(

Tony Arcieri

Constant time comparison function? Yeah, RbNaCl's got one of those (and full HMAC as implemented by Dan Bernstein): https://github.com/cryptosphere/rbnacl/blob/master/lib/rbnacl/util.rb#L40

James Tucker

Saddest thing about this is, @codahale reported this 3 years ago, and I even responded then, but I was too dumb to get it, and not running releases (probably good). Anyway, I was wrong then, and we were wrong not to deal with it.

James Tucker

@tarcieri thing that really gets me though, is that these days I'm very clearly aware of how critical timing attacks are. I had some generally knowledgable folks telling me it's not really viable over the last couple of days. Well, when you're inside the Cloud, you're basically on a LAN. This is totally viable inside [insert cloud service here].

Please sign in to comment.
Something went wrong with that request. Please try again.