This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Re: [incremental] Patch: FYI: add missing bits to checksum
- From: Tom Tromey <tromey at redhat dot com>
- To: Paolo Bonzini <bonzini at gnu dot org>
- Cc: gcc-patches at gcc dot gnu dot org
- Date: Wed, 16 Jan 2008 11:58:02 -0700
- Subject: Re: [incremental] Patch: FYI: add missing bits to checksum
- References: <m38x2rdogp.fsf@fleche.redhat.com> <fmkbee$465$1@ger.gmane.org>
- Reply-to: tromey at redhat dot com
>>>>> "Paolo" == Paolo Bonzini <bonzini@gnu.org> writes:
>> + case CPP_KEYWORD:
>> + type = token->keyword;
>> + md5_process_bytes (&type, sizeof (type), current_hash);
>> + break;
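Review bot: `md5_process_bytes (&type, sizeof (type), current_hash)` hashes the host's in-memory representation of the enum value, so the checksum depends on the enum's width and the host's byte order; if hunk checksums are ever written to disk or compared across builds or hosts, serialize the value into a fixed width and byte order (for example a 32-bit little-endian integer) before feeding it to the hash, and do the same for the other token fields hashed in this switch.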
Paolo> Why not change this to sha1 since you're at it?
We have MD5 in libiberty, so it was convenient. Performance may also
be a consideration. MD5 does show up in my profiles.
Paolo> You cannot find a
Paolo> second pre-image for MD5, but you can find collisions pretty easily,
Paolo> so it could yield security problems (no I'm not exaggerating it *too
Paolo> much*---they would be wrong-code bugs, but if somebody plays with MD5
Paolo> collisions you can assume that they are doing something malicious).
I have thought about this argument before. I am not really convinced
by it. After all it is also easy to write obfuscated code that
sneakily does bad things -- in fact, that is much simpler. And, what
is anybody doing compiling sources which may be modifiable by an
attacker?
Paolo> You could have
Paolo> if ("A1" == "A2")
Paolo> foo ();
Paolo> else
Paolo> bar ();
[...]
Paolo> and (A1, A2) is a colliding pair.
I will think about this some more.
I tried to see this problem in action, but I was unable. The only MD5
collision I could easily find yields a program that is rejected by the
lexer. If you have a "nice" collision, I'd like to have it.
BTW there is a "perfect" solution to the problem. We can store the
tokens making up a hunk, and directly compare token streams. I am
reluctant to do this, because it requires more memory. I consider it
a last resort.
Tom
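As an added illustration, not code from the patch or from GCC, this models the two designs discussed in the thread: a hunk cache keyed only by an MD5 of the token stream, versus the "last resort" that also stores the tokens and compares them on every hit. The token tuples, the `HunkCache` class and the truncation of the digest to one byte (used only to manufacture a collision cheaply, in place of a real MD5 collision) are constructed for the demo.

```python
import hashlib

# A hunk is a list of (token_kind, spelling) pairs, the same shape of data
# the quoted patch feeds to md5_process_bytes one token at a time.
def hunk_checksum(tokens, nbytes=16):
    """MD5 over an unambiguous serialization of the token stream.

    Each field is length-prefixed so ("id", "A1") and ("id", "A"), ("num", "1")
    cannot serialize to the same bytes.  `nbytes` truncates the digest; it
    exists only so find_colliding_hunks() can produce a collision by brute force.
    """
    h = hashlib.md5()
    for kind, text in tokens:
        for field in (kind, text):
            data = field.encode()
            h.update(len(data).to_bytes(4, "little"))
            h.update(data)
    return h.digest()[:nbytes]

class HunkCache:
    """Constructed stand-in for an incremental compiler's compiled-hunk cache.

    store_tokens=False: checksum only (the scheme under discussion).
    store_tokens=True:  keep the token stream and compare it on a hit, so a
                        checksum collision can never return another hunk's code.
    """
    def __init__(self, store_tokens, nbytes=16):
        self.store_tokens = store_tokens
        self.nbytes = nbytes
        self.entries = {}   # checksum -> (tokens or None, compiled output)
        self.compiles = 0   # how often real compilation was needed

    def compile(self, tokens):
        # Stand-in for code generation: a printable rendering of the hunk.
        self.compiles += 1
        return " ".join(text for _, text in tokens)

    def get(self, tokens):
        key = hunk_checksum(tokens, self.nbytes)
        hit = self.entries.get(key)
        if hit is not None and (not self.store_tokens or hit[0] == tokens):
            return hit[1]                      # reuse the earlier compilation
        compiled = self.compile(tokens)        # miss, or token mismatch on a hit
        self.entries[key] = (tokens if self.store_tokens else None, compiled)
        return compiled

def find_colliding_hunks(nbytes=1):
    """Two distinct one-token hunks whose truncated checksums are equal."""
    seen = {}
    for i in range(10_000):                    # 257 inputs guarantee a 1-byte collision
        hunk = [("string", f'"A{i}"')]
        key = hunk_checksum(hunk, nbytes)
        if key in seen:
            return seen[key], hunk
        seen[key] = hunk
    raise RuntimeError("no collision found")
```

With the checksum-only cache the second colliding hunk silently receives the first hunk's compilation, which is the wrong-code outcome Paolo describes; the token-storing cache detects the mismatch and recompiles.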