In the course of looking at the fix (fc50a701fa) for CVE-2021-22212, I found a couple of things that I think are worth mentioning...

The specific change is trivial, changing the starting point of the range from 0x21 (!) to 0x24 ($). This avoids 0x23 (#). However, it differs from the pre-bug version of this code in that it will not output 0x21 (!) or 0x22 (") either.

I see that the pre-bug version used random.randint(0x21, 0x7e) which is inclusive on the upper end, while the new code uses 0x2[14] + secrets.randbelow(0x5d) which is exclusive on the upper end. Thus, the new code (both prior to and after the fix for this CVE) will no longer use 0x7e (~). This is arguably a bug: the behavior differs between the Python 3 / secrets and Python 2 / random versions for seemingly unintentional reasons.

Both of these slightly reduce the entropy, but I'm not sure how much it matters:

Pre-bug: [0x21, 0x7e] excluding 0x23 => 0x5d choices per char

Bug:     [0x21, 0x7e) aka            => 0x5d choices per char
         [0x21, 0x7d]

Now:     [0x24, 0x7e) aka            => 0x5a choices per char
         [0x24, 0x7d]

--
Richard
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
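
The three ranges compared in the message above, as an added example that is not part of the original e-mail and is not ntpsec's code: it rebuilds each alphabet from the bounds quoted in the message, reports the choices per character and which characters are lost relative to the pre-bug range, and draws keys from an explicit alphabet so the `randbelow()` bound cannot drift from the alphabet size. The 20-character key length and all function names are assumptions made for illustration.

```python
import math
import secrets

# Alphabets as described in the e-mail (code points, inclusive bounds).
PRE_BUG = [c for c in range(0x21, 0x7e + 1) if c != 0x23]  # randint(0x21, 0x7e), '#' excluded
BUG = list(range(0x21, 0x7d + 1))                          # [0x21, 0x7e): '#' included, '~' lost
NOW = list(range(0x24, 0x7d + 1))                          # [0x24, 0x7e): '!', '"', '#', '~' lost


def bits_per_char(alphabet):
    """Entropy of one uniformly chosen character, in bits."""
    return math.log2(len(alphabet))


def dropped(reference, alphabet):
    """Characters in `reference` that `alphabet` can never produce."""
    return "".join(chr(c) for c in sorted(set(reference) - set(alphabet)))


def gen_key(alphabet, length):
    """Draw `length` characters uniformly from an explicit alphabet.

    Indexing a list ties the randbelow() bound to the alphabet size, so an
    exclusive upper bound cannot silently drop the last character.
    """
    return "".join(chr(alphabet[secrets.randbelow(len(alphabet))])
                   for _ in range(length))


def report(key_len=20):  # key_len: assumed example length, not taken from the e-mail
    """Return (name, choices, bits per key, chars lost vs pre-bug) per variant."""
    return [(name, len(alpha), bits_per_char(alpha) * key_len, dropped(PRE_BUG, alpha))
            for name, alpha in (("pre-bug", PRE_BUG), ("bug", BUG), ("now", NOW))]


if __name__ == "__main__":
    for name, n, bits, lost in report():
        print(f"{name:8} {n:#x} choices  {bits:7.2f} bits/key  lost: {lost!r}")
    print("sample key from pre-bug alphabet:", gen_key(PRE_BUG, 20))
```
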
