evil RAR files
Simon McVittie
smcv at debian.org
Thu Apr 30 18:16:34 UTC 2015
On 30/04/15 19:00, Alexandre Detiste wrote:
> Le jeudi 30 avril 2015, 16:09:53 Simon McVittie a écrit :
>> I don't want to unpack unknown files (those without a known-safe
>> cryptographic hash) in general, for a few reasons:
>
> When is a md5 enough ? When is a sha1 needed ?
Let's say we have a well-known "good file", myawesomegame.rar, and its
md5sum is written into one of g-d-p's YAML files.
Producing another file with a matching md5sum (containing whatever
arbitrary junk) would be a 'second preimage attack', which is a more
difficult thing to achieve than a collision attack. The currently-known
attacks on MD5 and SHA1 are variations on a collision attack.
Producing another file that is simultaneously a second preimage *and* a
valid exploit for an unpacker bug seems ... ambitious.
If a better attack on MD5 is found, well, that's why we have sha1sums
and sha256sums too :-)
S
More information about the Pkg-games-devel
mailing list