Recent Features
| |||||||||||||
A hash-based DOS attack on BtrfsA hash-based DOS attack on BtrfsPosted Dec 14, 2012 17:29 UTC (Fri) by dakas (guest, #88146)In reply to: A hash-based DOS attack on Btrfs by tialaramex Parent article: A hash-based DoS attack on Btrfs
It seems like it's a little stronger constraint than "partially user selected". The users need enough knowledge of one part of the filename plus the ability to influence the other part to force the hash.Sure? If several last parts of the filename have the same length and CRC and are combined with the same first part of the filename (even if this first part is unknown), why would the resulting CRC not clash? We are not talking about cryptographic hashes here.
(Log in to post comments)
A hash-based DOS attack on Btrfs Posted Dec 17, 2012 13:15 UTC (Mon) by tialaramex (subscriber, #21167) [Link]
"The name consists of a constant prefix plus my user-selected suffix" would constitute enough information. I was thinking more of cases where the prefix /varies/, e.g. because it's used for content addressing, or to serial number the files, or whatever other scheme is in use.
Most code I've worked on that downloaded arbitrary files and gave them names based on their origin (and thus which could be vulnerable to this attack) prefixed the filenames with some varying code or number such as a node identifier. So a naive "assume constant prefix" wouldn't hurt us, but if you could guess our naming scheme (and if we used btrfs) there's definitely a window.
|
|||||||||||||