[Webkit-unassigned] [Bug 168774] Add a test verifying cache deduplication is not sensitive to SHA1 collision attack
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 24 09:36:35 PST 2017
https://bugs.webkit.org/show_bug.cgi?id=168774
--- Comment #33 from Carlos Alberto Lopez Perez <clopez at igalia.com> ---
(In reply to comment #32)
> (In reply to comment #30)
> > (In reply to comment #28)
> > > Oh wow, incredible.
> > >
> > > Is it fixable, or are we just totally hosed? Are we going to need to delete
> > > all the SVN history since this commit from the server in order to avoid the
> > > hash collision?
> >
> > For the record: the commits have been deleted, but the SVN is still hosed.
> >
> > Mailing list thread:
> > https://lists.webkit.org/pipermail/webkit-dev/2017-February/028792.html
>
> It broke our SVN mirror too, it can't be sync anymore after r212950:
>
> Transmitting file data .....svnsync: E200014: Checksum mismatch for
> resulting fulltext
> (/trunk/LayoutTests/http/tests/cache/disk-cache/resources/shattered-2.pdf):
> expected: 5bd9d8cabc46041579a311230539b8d1
> actual: ee4aa52b139d925f8d8884402b0a750c
Right.
And this is the proper way to fix this.
The current repository should be replaced with a mirror until r212950
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170224/e1f1e5a0/attachment-0001.html>
More information about the webkit-unassigned
mailing list