[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Chicken-announce] [SECURITY] Vulnerability to algorithmic complexity at

From: Peter Bex
Subject: [Chicken-announce] [SECURITY] Vulnerability to algorithmic complexity attack due to incorrect randomization of symbol table
Date: Sun, 16 Jul 2017 20:32:03 +0200
User-agent: NeoMutt/20170113 (1.7.2)

Hi all,

It was discovered that our fix for CVE-2012-6125 was incorrect
for the internal Scheme symbol table.

The code that sets up the initial symbol table is run _before_
initializing the PRNG, which means the randomization factor uses
the initial libc seed state.  On most libc implementations this
means the symbol table randomization factor is a constant value
which does not differ between runs.

This allows an attacker who is able to create arbitrary symbols
to defeat the hash table's average complexity to the worst case
behaviour of a linear search by ensuring these symbols all hash
to the same hash bucket.

This has been fixed in both the master and chicken-5 branches.
A patch is available here:
There's no good workaround.  One option would be to use LD_PRELOAD
with a small library that calls srand() on startup.

This issue affects all released versions of CHICKEN.


Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]