Description
Bug report
Bug description:
While working with `IPv4Network` objects, @cakekoa and I discovered that hash collisions were common. Below is a small script that shows a few examples of different networks that have hash collisions.
```python
from ipaddress import IPv4Network, IPv6Network


def test_hash_collision(network_1, network_2):
    # Shows that the networks are not equivalent.
    assert network_1 != network_2
    assert network_1.num_addresses != network_2.num_addresses
    # Shows a hash collision similar to CVE-2020-14422
    assert hash(network_1) == hash(network_2)


test_hash_collision(IPv4Network("192.168.1.255/32"), IPv4Network("192.168.1.0/24"))
test_hash_collision(IPv4Network("172.24.255.0/24"), IPv4Network("172.24.0.0/16"))
test_hash_collision(IPv4Network("192.168.1.87/32"), IPv4Network("192.168.1.86/31"))
test_hash_collision(
    IPv4Network("10.0.0.0/8"),
    IPv6Network("ffff:ffff:ffff:ffff:ffff:ffff:aff:0/112"),
)
```
Upon investigating, we discovered CVE-2020-14422, which fixed a similar (albeit much more severe) hash collision in the `IPv4Interface` and `IPv6Interface` classes. This CVE was fixed in b98e779.
The implementation of `_BaseNetwork.__hash__()` looks like this on the main branch:
```python
def __hash__(self):
    return hash(int(self.network_address) ^ int(self.netmask))
```
Based on the fix for CVE-2020-14422, the fix for the `_BaseNetwork` class would likely look like:
diff --git a/Lib/ipaddress.py b/Lib/ipaddress.pyindex 703fa289dda..d8a84f33264 100644--- a/Lib/ipaddress.py+++ b/Lib/ipaddress.py@@ -729,7 +729,7 @@ def __eq__(self, other): return NotImplemented def __hash__(self):- return hash(int(self.network_address) ^ int(self.netmask))+ return hash((int(self.network_address), int(self.netmask))) def __contains__(self, other): # always false if one is v4 and the other is v6.
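Review bot: the tuple `hash((int(self.network_address), int(self.netmask)))` in this hunk still leaves one pair of unequal objects with equal hashes, `IPv4Network("0.0.0.0/0")` and `IPv6Network("::/0")`, since both hash `(0, 0)` while `__eq__` also compares `_version`. Every other cross-family pair is separated because a non-zero IPv6 netmask always has bit 127 set, so this is a single residual case rather than a regression, but folding the version in (e.g. `return hash((self._version, int(self.network_address), int(self.netmask)))`) closes it cheaply and mirrors how the CVE-2020-14422 interface fix hashed a tuple of distinguishing fields. A regression test covering the four pairs from the report plus this `/0` pair would document the intent.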
As this method produces far fewer collisions than what caused CVE-2020-14422, the security impact is likely negligible. @sethmlarson from the PSRT team has given us the green light to publicly submit a fix.
CPython versions tested on:
3.12
Operating systems tested on:
Linux, macOS
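To make the difference between the two hash functions measurable rather than anecdotal, here is an added example (not code from the issue or from CPython) that reimplements the pre-fix XOR hash and the proposed tuple hash as plain functions, enumerates every subnet of a constructed `/24` at every prefix length, and counts how many distinct networks end up sharing a hash value under each scheme. The helper names `xor_hash`, `tuple_hash`, `collision_groups` and `all_subnets_of` are this example's own; the sample prefix `192.0.2.0/24` is a constructed documentation range.

```python
"""Added example: quantify _BaseNetwork hash collisions before and after the fix.

The two hash functions below mirror the old and proposed __hash__ bodies quoted in
the issue, applied to real ipaddress objects without patching the library.
"""
from collections import defaultdict
from ipaddress import IPv4Network, IPv6Network, ip_network


def xor_hash(net):
    """Pre-fix _BaseNetwork.__hash__: XOR of network address and netmask."""
    return hash(int(net.network_address) ^ int(net.netmask))


def tuple_hash(net):
    """Proposed fix: hash the (address, netmask) pair so neither can cancel the other."""
    return hash((int(net.network_address), int(net.netmask)))


def all_subnets_of(base):
    """The network itself plus every subnet at every longer prefix length (example helper)."""
    nets = [base]
    for plen in range(base.prefixlen + 1, base.max_prefixlen + 1):
        nets.extend(base.subnets(new_prefix=plen))
    return nets


def collision_groups(networks, hash_fn):
    """Return groups of two or more distinct networks that share a hash under hash_fn."""
    buckets = defaultdict(list)
    for net in networks:
        buckets[hash_fn(net)].append(net)
    return [group for group in buckets.values() if len(group) > 1]


def issue_pairs():
    """The four colliding pairs reported in the issue, as (net_a, net_b) tuples."""
    return [
        (ip_network("192.168.1.255/32"), ip_network("192.168.1.0/24")),
        (ip_network("172.24.255.0/24"), ip_network("172.24.0.0/16")),
        (ip_network("192.168.1.87/32"), ip_network("192.168.1.86/31")),
        (ip_network("10.0.0.0/8"), ip_network("ffff:ffff:ffff:ffff:ffff:ffff:aff:0/112")),
    ]


def summarize(base=IPv4Network("192.0.2.0/24")):
    """Count collision groups under both schemes for every subnet of `base`."""
    nets = all_subnets_of(base)  # 1 + 2 + 4 + ... + 256 = 511 distinct networks for a /24
    return {
        "networks": len(nets),
        "xor_collision_groups": len(collision_groups(nets, xor_hash)),
        "tuple_collision_groups": len(collision_groups(nets, tuple_hash)),
    }


def residual_zero_prefix_collision():
    """The one cross-family pair the tuple hash still cannot separate: both hash (0, 0)."""
    v4, v6 = IPv4Network("0.0.0.0/0"), IPv6Network("::/0")
    return v4 != v6 and tuple_hash(v4) == tuple_hash(v6)


if __name__ == "__main__":
    print(summarize())
    for a, b in issue_pairs():
        print(f"{a!s:>45} vs {b!s:<45} xor-equal={xor_hash(a) == xor_hash(b)} "
              f"tuple-equal={tuple_hash(a) == tuple_hash(b)}")
    print("residual /0 collision under tuple hash:", residual_zero_prefix_collision())
```

Under the XOR scheme every subnet of the `/24` lands in one of only 256 hash values because the mask bits cancel the address bits, so 128 of those buckets hold two or more distinct networks; the tuple scheme gives each of the 511 networks its own hash. The last function shows the single pair the tuple hash cannot distinguish, which is why including the address family in the tuple is worth considering.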
Linked PRs
- gh-134062: Fix hash collisions in IPv4Network and IPv6Network #134063
- [3.14] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) #134476
- [3.13] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) #134477
- [3.12] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) #134478
- [3.11] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) #134479
- [3.10] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) #134480
- [3.9] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) #134481