Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

global var PL_hash_state_w >=~ 24000 bytes long #22622

Open
bulk88 opened this issue Sep 24, 2024 · 1 comment
Open

global var PL_hash_state_w >=~ 24000 bytes long #22622

bulk88 opened this issue Sep 24, 2024 · 1 comment
Labels
distro-mswin32

Comments

@bulk88
Copy link
Contributor

bulk88 commented Sep 24, 2024

Description

Perl's global var PL_hash_state_w is 24608 bytes long on 32b Win32 blead perl. That is 24608/4096=6.0078 OS pages of memory. I can't imagine 24KB of randomness being somehow more secure than half a KB or 1 KB of randomness. Current TLS 1.3's max is 256 bytes/2048 bits. My/default perl build is using zaphod32+sbox32_hash combo. > 24 input str len is the divider between the 2 algos. Is this massive global var a default config mistake or intentional?

Steps to Reproduce

Check sizeof(PL_hash_state_w) or PERL_HASH_STATE_BYTES. 24608 bytes came from a obj code analyzer that looked at perl541.dll. I didn't look at the code enough to determine why its 24KB. There could be a (PTR_SIZE * 8) * _foo aka (32 * 8) * _foo
vs (4 * 8) * _foo bug somewhere.

Expected behavior

A var much smaller than 24KB.

Perl configuration

Site configuration information for perl 5.41.5:

Configured by Owner at Tue Sep 24 08:22:16 2024.

Summary of my perl5 (revision 5 version 41 subversion 5) configuration:
  Derived from: a0d54396c9541ecc56de844108174ec4e2d1049d
  Platform:
    osname=MSWin32
    osvers=6.1.7601
    archname=MSWin32-x86-multi-thread
    uname=''
    config_args='undef'
    hint=recommended
    useposix=true
    d_sigaction=undef
    useithreads=define
    usemultiplicity=define
    use64bitint=undef
    use64bitall=undef
    uselongdouble=undef
    usemymalloc=n
    default_inc_excludes_dot=define
  Compiler:
    cc='cl'
    ccflags ='-nologo -GF -W3 -MD -DWIN32 -D_CONSOLE -DNO_STRICT -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DPERL_TEXTMODE_SCRIPTS -DMULTIPLICITY -DPERL_IMPLICIT_SYS -DUSE_PERLIO'
    optimize='-O1 -Zi -GL'
    cppflags='-DWIN32'
    ccversion='19.36.32535'
    gccversion=''
    gccosandvers=''
    intsize=4
    longsize=4
    ptrsize=4
    doublesize=8
    byteorder=1234
    doublekind=3
    d_longlong=undef
    longlongsize=8
    d_longdbl=define
    longdblsize=8
    longdblkind=0
    ivtype='long'
    ivsize=4
    nvtype='double'
    nvsize=8
    Off_t='__int64'
    lseeksize=8
    alignbytes=8
    prototype=define
  Linker and Libraries:
    ld='link'
    ldflags ='-nologo -nodefaultlib -debug -opt:ref,icf -ltcg -libpath:"c:\sources\plbd\lib\CORE" -machine:x86 -subsystem:console,"5.01"'
    libpth="C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.36.32532\\lib\x86"
    libs=oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib netapi32.lib uuid.lib ws2_32.lib mpr.lib winmm.lib version.lib odbc32.lib odbccp32.lib comctl32.lib msvcrt.lib vcruntime.lib ucrt.lib
    perllibs=oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib netapi32.lib uuid.lib ws2_32.lib mpr.lib winmm.lib version.lib odbc32.lib odbccp32.lib comctl32.lib msvcrt.lib vcruntime.lib ucrt.lib
    libc=ucrt.lib
    so=dll
    useshrplib=true
    libperl=perl541.lib
    gnulibc_version=''
  Dynamic Linking:
    dlsrc=dl_win32.xs
    dlext=dll
    d_dlsymun=undef
    ccdlflags=' '
    cccdlflags=' '
    lddlflags='-dll -nologo -nodefaultlib -debug -opt:ref,icf -ltcg -libpath:"c:\sources\plbd\lib\CORE" -machine:x86 -subsystem:console,"5.01"'

Locally applied patches:
    uncommitted-changes

---
@INC for perl 5.41.5:
    C:/sources/plbd/site/lib
    C:/sources/plbd/lib

---
Environment for perl 5.41.5:
    HOME (unset)
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=C:\sources\plbd\bin;C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.36.32532\bin\HostX86\x86;C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\VC\VCPackages;C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\CommonExtensions\Microsoft\TestWindow;C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer;C:\Program Files\Microsoft Visual Studio\2022\Community\MSBuild\Current\bin\Roslyn;C:\Program Files\Microsoft Visual Studio\2022\Community\Team Tools\Performance Tools;C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\;C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\\x86;C:\Program Files (x86)\Windows Kits\10\bin\\x86;C:\Program Files\Microsoft Visual Studio\2022\Community\\MSBuild\Current\Bin\amd64;C:\Windows\Microsoft.NET\Framework\v4.0.30319;C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\;C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\Tools\;C:\Program Files\ImageMagick-7.1.1-Q16-HDRI;C:\Program Files\Python\Python38\Scripts\;C:\Program Files\Python\Python38\;C:\sources\electron;C:\Program Files (x86)\ActiveState Komodo IDE 12\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\Program Files\nodejs\;C:\Program Files\Git\cmd;C:\Program Files\TortoiseGit\bin;C:\Program Files\WireGuard\;C:\Program Files\PuTTY\;C:\Users\Owner\.cargo\bin;C:\Users\Owner\AppData\Roaming\npm;;C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\Llvm\bin;C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\CommonExtensions\Microsoft\CMake\CMake\bin;C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\CommonExtensions\Microsoft\CMake\Ninja;C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\VC\Linux\bin\ConnectionManagerExe;C:\Program Files\Microsoft Visual Studio\2022\Community\VC\vcpkg
    PERL_BADLANG (unset)
    SHELL (unset)
@mauke
Copy link
Contributor

mauke commented Sep 24, 2024
edited
Loading

https://github.com/Perl/perl5/blob/8784b2b769532fbc1d66bf9a67f7b4f3673d29de/INSTALL#algorithmic-complexity-attacks-on-hashes

Since Perl 5.18 we have included support for multiple hash functions, although from time to time we change which functions we support, and which function is default (currently SBOX+SIPHASH13 on 64 bit builds and SBOX+ZAPHOD32 for 32 bit builds). [...]

SBOX32 requires 1k of storage per character it can hash, and it must populate that storage with 256 32-bit random values as well. [...]

By default Perl will use SBOX32 to hash strings 24 bytes or shorter, you can change this length by setting SBOX32_MAX_LEN to the desired length, with the maximum length being 256. [...]

24 * 1k seems to match your observed symbol size.

PS: The actual calculation is in hv_func.h:

#define PVT_PERL_HASH_STATE_BYTES  \
    ( PVT__PERL_HASH_STATE_BYTES + ( ( 1 + ( 256 * SBOX32_MAX_LEN ) ) * sizeof(U32) ) )

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
distro-mswin32
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jkeenan @mauke @bulk88