Author nnewram
Recipients nnewram
Date 2020-06-17.13:11:52
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1592399512.32.0.283218763722.issue41004@roundup.psfhosted.org>
In-reply-to
Content
In the ipaddress library there exists two classes IPv4Interface, and IPv6Interface. These classes' hash functions will always return 32 and 64 respectively. If IPv4Interface or IPv6Interface objects then are put in a dictionary, on for example a server storing IPs, this will cause hash collisions, which in turn can lead to DOS.

The root of this is on line 1421 and 2095. On both lines, self._ip and self.network.network_address will both be same, and when xor is applied they will cancel eachother out, leaving return self._prefixlen .
Since self._prefixlen is a constant, 32 and 64 respectively, this will lead to a constant hash.

The fix is trivial, on line 1421, change to:
return hash((self._ip, self._prefixlen, int(self.network.network_address)))

and on line 2095, change to:
return hash((self._ip, self._prefixlen, int(self.network.network_address)))
History
Date User Action Args
2020-06-17 13:11:52nnewramsetrecipients: + nnewram
2020-06-17 13:11:52nnewramsetmessageid: <1592399512.32.0.283218763722.issue41004@roundup.psfhosted.org>
2020-06-17 13:11:52nnewramlinkissue41004 messages
2020-06-17 13:11:52nnewramcreate