AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Do you need winzip or winrar anymore4/5/2024 ![]() ![]() This leads to an exploitable buffer overflow vulnerability.ĭata written where it doesn’t belong ends up being treated as program code that gets executed, rather than as plain old data to be used in the dearchiving process. This bug can be triggered (ironically, perhaps) when the product makes use of this data recovery system.Īs far as we can see, a booby-trapped parity data chunk inserted into an archive can trick the WinRAR code into writing data outside of the memory area allocated to it. Well, after what we assume is many years unnoticed, a bug now dubbed CVE-2023-40477 has surfaced in WinRAR. Simply put, having the parity data chunk P means we can always reconstruct any missing chunk, regardless of which one it is. Now look what happens if any one of A, B or C is lost:Īlso, if P is lost, we can ignore it because we can compute A ⊕ B ⊕ C anyway. Given the truth table above, and given that XOR is what’s known as commutative, meaning that the order of the values in a calculation can be swapped around if you like, so that X ⊕ Y = Y ⊕ Z, or A ⊕ B ⊕ C = C ⊕ B ⊕ A = B ⊕ C ⊕ A and so on, we can see that: Now imagine that you have three data chunks labelled A, B, and C, and you compute a fourth chunk P by XORing A and B and C together, so that P = (A ⊕ B ⊕ C). If you say “yes”, you then have to choose coffee alone, or choose tea alone, because you can’t have one cup of each.Īs you can work out from the truth table above, XOR has the convenient characteristics that X ⊕ 0 = X, and X ⊕ X = 0. The XOR function works a bit like the question, “Would you like coffee or tea?” If X=1 and Y=1 then X ⊕ Y = 0 (it's got to be one or other) If X=0 and Y=1 then X ⊕ Y = 1 (one can be true, but not both) If X=1 and Y=0 then X ⊕ Y = 1 (one can be true, but not both) If X=0 and Y=0 then X ⊕ Y = 0 (two falses make a false) XOR is short for exclusive OR, which denotes “either X is true or Y is true, but not both at the same time”, thus following this truth table, which we construct by assuming that X and Y can only have the values 0 (false) or 1 (true): Parity-based correction relies on the XOR operation, which we’ll denote here with the symbol ⊕ (a plus sign inside a circle). These stored error correction data such that multi-part archives could be recovered automatically and completely even if one entire chunk (or more, depending on how much recovery information was kept) ended up lost or irretrievable.Īpparently, RAR archives up to and including version 4 used so-called parity correction newer versions use a computationally more complex but more powerful error correction system known as Reed-Solomon codes. ![]() RAR, or WinRAR in its contemporary Windows form, helped to deal with this problem by offering so-called recovery volumes. If one floppy went missing or wouldn’t read back properly, or if one chunk of a 12-part archive upload got deleted from the server by mistake, you were out of luck. The venerable RAR program, short for Roshal’s Archiver after its original creator, has been popular in file sharing and software distribution circles for decades, not least because of its built-in error recovery and file reconstruction features.Įarly internet users will remember, with little fondness, the days when large file transfers were shipped either as compressed archives split across multiple floppy disks, or uploaded to size-conscious online forums as a series of modestly-sized chunks that were first compressed to save space and then expanded into an ASCII-only text-encoded form.
0 Comments
Read More
Leave a Reply. |