I think there may be an issue around the lengths here. I'm struggling to compile on my Mac, or would add tests and/or fix myself.
The length of several strings is measured with "length" in lib/argon2/ffi_engine.rb#L40 before being passed to a C interface that interprets this as a byte length. In Ruby 1.9 and higher, length is defined as the character length of the string, not the byte length. The bytesize method provides the equivalent for bytes:
http://apidock.com/ruby/String/bytesize
This may cause errors, or allow an active attacker to produce distinct documents for which this library produces the same hash (effectively an error-based preimage attack).
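The following is an added illustration of the length/bytesize mismatch described in the report; it is not code from the argon2 gem. It simulates the native side with a stand-in function that reads exactly the declared number of bytes from the buffer and hashes them with SHA-256 (an assumption made so the script runs offline without the argon2 library), and compares a wrapper that passes `String#length` against one that passes `String#bytesize`.

```ruby
# Added example, not the argon2 gem's code. Models a C binding that receives
# (pointer, byte_length) and reads exactly that many bytes. SHA-256 stands in
# for argon2 so the script needs nothing beyond Ruby's standard library.
require 'openssl'

# Stand-in for the native call: consume `declared_len` bytes of the buffer,
# regardless of how many characters Ruby thinks the string has.
def native_hash(buffer, declared_len)
  consumed = buffer.byteslice(0, declared_len)
  OpenSSL::Digest::SHA256.hexdigest(consumed)
end

# Wrapper with the defect from the report: character count passed as byte count.
# Any multibyte character shortens what the native side actually hashes.
def hash_with_length(str)
  native_hash(str, str.length)
end

# Corrected wrapper: pass the real byte count.
def hash_with_bytesize(str)
  native_hash(str, str.bytesize)
end

# Number of trailing bytes the native side silently drops under the buggy wrapper.
# Zero for pure ASCII input, positive as soon as a multibyte character appears.
def bytes_dropped(str)
  str.bytesize - str.length
end

if __FILE__ == $0
  # Constructed inputs: identical prefix with a multibyte 'é', different last byte.
  a = "café1"
  b = "café2"
  puts "length=#{a.length} bytesize=#{a.bytesize} dropped=#{bytes_dropped(a)}"
  puts "buggy wrapper collides: #{hash_with_length(a) == hash_with_length(b)}"
  puts "fixed wrapper collides: #{hash_with_bytesize(a) == hash_with_bytesize(b)}"
end
```

With the constructed inputs, `length` is 5 while `bytesize` is 6, so the buggy wrapper hands the native side only the first five bytes of each string; both inputs truncate to "café" and produce the same digest, which is exactly the distinct-inputs-same-hash outcome the report warns about. The `bytesize` wrapper hashes all six bytes and the digests differ. For ASCII-only input the two wrappers agree, which is why the defect is easy to miss in tests.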
Thank you for this report. I am writing a fix - but this DDoS that Linode is currently undergoing is making my development environment particularly poor.