[v10.x] deps: cherry-pick V8 changes to extend hash seed to 64-bit#23260
Closed
hashseed wants to merge 1 commit into
Closed
[v10.x] deps: cherry-pick V8 changes to extend hash seed to 64-bit#23260hashseed wants to merge 1 commit into
hashseed wants to merge 1 commit into
Conversation
Member
Author
|
I swear I didn't plan this when I chose my github/twitter user name :) |
Member
Member
|
@hashseed can you confirm this is already on master? |
Member
Author
|
This is not yet on master, since the last in this series of commits landed just a week ago in upstream V8. Should I float this on master as well? |
Member
Member
|
|
cjihrig
approved these changes
Oct 4, 2018
Member
Author
addaleax
approved these changes
Oct 4, 2018
ofrobots
approved these changes
Oct 4, 2018
ofrobots
left a comment
Contributor
There was a problem hiding this comment.
LGTM w/ minor nit: the commit abstract can be shortened to the preferred guidelines. I suggest something like: deps: V8: cherry-pick 64-bit hash seed commits. This can happen at landing time, and the second commit squashed at that time.
This serves as mitigation for the so-called HashWick vulnerability.
Original commit messages:
commit d5686a74d56fbb6985b22663ddadd66eb7b91519
Author: Yang Guo <yangguo@chromium.org>
Date: Mon Jul 16 11:19:42 2018
Extend hash seed to 64 bits
R=bmeurer@chromium.org, ulan@chromium.org
Bug: chromium:680662
Change-Id: I5e1486ad2a42db2998d5485a0c4e711378678e6c
Reviewed-on: https://chromium-review.googlesource.com/1136034
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{nodejs#54460}
commit 3833fef57368c53c6170559ffa524c8c69f16ee5
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 20 11:43:13 2018
Refactor integer hashing function names
We now clearly differentiate between:
- unseeded hash for 32-bit integers
- unseeded hash for 64-bit integers
- seeded hash for 32-bit integers
- seeded hash for strings
R=bmeurer@chromium.org
Bug: chromium:680662
Change-Id: I7459958c4158ee3501c962943dff8f33258bb5ce
Reviewed-on: https://chromium-review.googlesource.com/1235973
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{nodejs#56068}
commit 95a979e02d7154e45b293261a6998c99d71fc238
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 20 14:34:48 2018
Call into C++ to compute seeded integer hash
R=bmeurer@chromium.org
Bug: chromium:680662
Change-Id: I8dace89d576dfcc5833fd539ce698a9ade1cb5a0
Reviewed-on: https://chromium-review.googlesource.com/1235928
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{nodejs#56091}
commit 2c2af0022d5feb9e525a00a76cb15db9f3e38dba
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 27 16:37:57 2018
Use 64-bit for seeded integer hashes
R=petermarshall@chromium.org
Bug: chromium:680662
Change-Id: If48d1043dbe1e1bb695ec890c23e103a6cacf2d4
Reviewed-on: https://chromium-review.googlesource.com/1244220
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{nodejs#56271}
Refs: nodejs#23259
Member
Author
|
Squashed and reworded the commit message. |
targos
pushed a commit
that referenced
this pull request
Oct 6, 2018
This serves as mitigation for the so-called HashWick vulnerability.
Original commit messages:
commit d5686a74d56fbb6985b22663ddadd66eb7b91519
Author: Yang Guo <yangguo@chromium.org>
Date: Mon Jul 16 11:19:42 2018
Extend hash seed to 64 bits
R=bmeurer@chromium.org, ulan@chromium.org
Bug: chromium:680662
Change-Id: I5e1486ad2a42db2998d5485a0c4e711378678e6c
Reviewed-on: https://chromium-review.googlesource.com/1136034
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54460}
commit 3833fef57368c53c6170559ffa524c8c69f16ee5
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 20 11:43:13 2018
Refactor integer hashing function names
We now clearly differentiate between:
- unseeded hash for 32-bit integers
- unseeded hash for 64-bit integers
- seeded hash for 32-bit integers
- seeded hash for strings
R=bmeurer@chromium.org
Bug: chromium:680662
Change-Id: I7459958c4158ee3501c962943dff8f33258bb5ce
Reviewed-on: https://chromium-review.googlesource.com/1235973
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56068}
commit 95a979e02d7154e45b293261a6998c99d71fc238
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 20 14:34:48 2018
Call into C++ to compute seeded integer hash
R=bmeurer@chromium.org
Bug: chromium:680662
Change-Id: I8dace89d576dfcc5833fd539ce698a9ade1cb5a0
Reviewed-on: https://chromium-review.googlesource.com/1235928
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56091}
commit 2c2af0022d5feb9e525a00a76cb15db9f3e38dba
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 27 16:37:57 2018
Use 64-bit for seeded integer hashes
R=petermarshall@chromium.org
Bug: chromium:680662
Change-Id: If48d1043dbe1e1bb695ec890c23e103a6cacf2d4
Reviewed-on: https://chromium-review.googlesource.com/1244220
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56271}
Refs: #23259
PR-URL: #23260
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Member
|
Landed in c6a2f4a. |
targos
pushed a commit
that referenced
this pull request
Oct 7, 2018
This serves as mitigation for the so-called HashWick vulnerability.
Original commit messages:
commit d5686a74d56fbb6985b22663ddadd66eb7b91519
Author: Yang Guo <yangguo@chromium.org>
Date: Mon Jul 16 11:19:42 2018
Extend hash seed to 64 bits
R=bmeurer@chromium.org, ulan@chromium.org
Bug: chromium:680662
Change-Id: I5e1486ad2a42db2998d5485a0c4e711378678e6c
Reviewed-on: https://chromium-review.googlesource.com/1136034
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54460}
commit 3833fef57368c53c6170559ffa524c8c69f16ee5
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 20 11:43:13 2018
Refactor integer hashing function names
We now clearly differentiate between:
- unseeded hash for 32-bit integers
- unseeded hash for 64-bit integers
- seeded hash for 32-bit integers
- seeded hash for strings
R=bmeurer@chromium.org
Bug: chromium:680662
Change-Id: I7459958c4158ee3501c962943dff8f33258bb5ce
Reviewed-on: https://chromium-review.googlesource.com/1235973
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56068}
commit 95a979e02d7154e45b293261a6998c99d71fc238
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 20 14:34:48 2018
Call into C++ to compute seeded integer hash
R=bmeurer@chromium.org
Bug: chromium:680662
Change-Id: I8dace89d576dfcc5833fd539ce698a9ade1cb5a0
Reviewed-on: https://chromium-review.googlesource.com/1235928
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56091}
commit 2c2af0022d5feb9e525a00a76cb15db9f3e38dba
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 27 16:37:57 2018
Use 64-bit for seeded integer hashes
R=petermarshall@chromium.org
Bug: chromium:680662
Change-Id: If48d1043dbe1e1bb695ec890c23e103a6cacf2d4
Reviewed-on: https://chromium-review.googlesource.com/1244220
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56271}
Refs: #23259
PR-URL: #23260
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
This was referenced Oct 10, 2018
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This serves as mitigation for the so-called HashWick vulnerability.
Original commit messages:
Refs: #23259
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passes