[Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
Donald Stufft
donald at stufft.io
Tue Feb 25 14:21:46 CET 2014
On Feb 25, 2014, at 8:17 AM, Antoine Pitrou <solipsis at pitrou.net> wrote:
> On Tue, 25 Feb 2014 08:08:09 -0500
> Donald Stufft <donald at stufft.io> wrote:
>>
>> Hash randomization is broken and doesn’t fix anything.
>
> Not sure what you mean with "doesn't fix anything". Hash collisions were
> easy to exploit pre-hash randomization, they doesn't seem as easy to
> exploit with it.
Instead of pre-generating one set of values that can be be used to DoS things
you have to pre-generate 256 sets of values and try them until you get the
right one. It’s like putting on armor made of paper and saying it’s harder to
stab you now.
-----------------
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.python.org/pipermail/python-dev/attachments/20140225/e5a6934f/attachment-0001.sig>
More information about the Python-Dev
mailing list