Simon Josefsson <si...@josefsson.org> writes: > You can mitigate this by re-validating all commit hashes using a SHA1CD > git implementation before trusting a git repository. I have not seen > confirmation that 'git fsck' actually do that.
I convinced myself that it does. One of the things git fsck does is recalculate the hash of every object in the repository and ensure that it matches (this is, to a large extent, the entire point; the other checks are sort of an addition), and since Git uses SHA1CD now, git fsck will instantly detect this attack as soon as it does that. I admittedly did not go so far as to track down test objects with the same SHA-1 hash and construct an experiment. But I couldn't see any way where git fsck could *not* detect this problem unless I'm wrong that it recalculates all the hashes, and I'm fairly sure I'm not wrong about that. > If some new attack implementation on SHA1 appears, that isn't detected > by your SHA1CD variant, your validation can be by-passed. This is true. -- Russ Allbery (r...@debian.org) <https://www.eyrie.org/~eagle/>
