```rust
fn djb2_hash_u32(s: &str) -> u32 {
    let mut hash: u32 = 5381;
    for c in s.bytes().take(32) {
        hash = hash.wrapping_mul(33).wrapping_add(c as u32);
    }
    hash
}
```
djb2_hash_u32 (hash = hash * 33 + c) can easily cause collisions, e.g.
- `.ssh` and `01sh`
- `.aws` and `.axR`

I would say replace it with a stronger crypto-safe method like SipHash-1-3, or double-check with both hashing and string matching (which requires a BPF map, Linux kernel ver. 5.17+).
Love to hear feedback from maintainers :)
jailer/bpfjailer-daemon/src/bpf_loader.rs
Lines 810 to 816 in c173fc3
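
The two reported pairs and the hash-plus-string-match double-check can be reproduced in plain userspace Rust. This is an added example, not code from the issue or from the project: `NameRules` and its methods are hypothetical names, the inputs are constructed, and the BPF map side is not modelled.

```rust
use std::collections::HashMap;

// Same function as the bpf_loader.rs snippet, repeated so this runs stand-alone.
fn djb2_hash_u32(s: &str) -> u32 {
    let mut hash: u32 = 5381;
    for c in s.bytes().take(32) {
        hash = hash.wrapping_mul(33).wrapping_add(c as u32);
    }
    hash
}

// Hypothetical rule table (not the project's type): each hash bucket keeps
// the full protected names so a hash hit can be confirmed byte for byte.
struct NameRules {
    by_hash: HashMap<u32, Vec<String>>,
}

impl NameRules {
    fn new(names: &[&str]) -> Self {
        let mut by_hash: HashMap<u32, Vec<String>> = HashMap::new();
        for n in names {
            by_hash.entry(djb2_hash_u32(n)).or_default().push((*n).to_string());
        }
        NameRules { by_hash }
    }

    // Hash-only decision: any name with the same 32-bit hash counts as a rule hit.
    fn matches_hash_only(&self, name: &str) -> bool {
        self.by_hash.contains_key(&djb2_hash_u32(name))
    }

    // Hash as a fast pre-filter, then a comparison of the whole name. Because
    // the hash reads at most 32 bytes, this also separates names that differ
    // only after byte 32.
    fn matches_confirmed(&self, name: &str) -> bool {
        self.by_hash
            .get(&djb2_hash_u32(name))
            .map_or(false, |bucket| bucket.iter().any(|n| n.as_str() == name))
    }
}

fn main() {
    let rules = NameRules::new(&[".ssh", ".aws"]);
    // Constructed inputs: the colliding names reported above plus one unrelated name.
    for name in [".ssh", "01sh", ".aws", ".axR", "notes"] {
        println!("{:<6} hash={:#010x} hash_only={} confirmed={}", name,
            djb2_hash_u32(name), rules.matches_hash_only(name), rules.matches_confirmed(name));
    }
}
```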