Skip to content

Possible timing attack in derivation_endpoint

Moderate
janko published GHSA-5jjv-x4fq-qjwp Oct 4, 2020

Package

bundler shrine (rubygems)

Affected versions

< 3.2.2

Patched versions

3.3.0

Description

Impact

When using the derivation_endpoint plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL.

Patches

The problem has been fixed by comparing sent and calculated signature in constant time, using Rack::Utils.secure_compare. Users using the derivation_endpoint plugin are urged to upgrade to Shrine 3.3.0 or greater.

Workarounds

Users of older Shrine versions can apply the following monkey-patch after loading the derivation_endpoint plugin:

class Shrine
  class UrlSigner
    def verify_signature(string, signature)
      if signature.nil?
        fail InvalidSignature, "missing \"signature\" param"
      elsif !Rack::Utils.secure_compare(signature, generate_signature(string))
        fail InvalidSignature, "provided signature does not match the calculated signature"
      end
    end
  end
end

References

You can read more about timing attacks here.

Severity

Moderate

CVE ID

CVE-2020-15237

Weaknesses

No CWEs

Credits