[Python-Dev] Status of the fix for the hash collision vulnerability (original) (raw)
Terry Reedy tjreedy at udel.edu
Sat Jan 14 06:43:04 CET 2012
- Previous message: [Python-Dev] Status of the fix for the hash collision ulnerability
- Next message: [Python-Dev] Status of the fix for the hash collision vulnerability
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 1/13/2012 8:58 PM, Gregory P. Smith wrote:
It is perfectly okay to break existing users who had anything depending on ordering of internal hash tables. Their code was already broken.
Given that the doc says "Return the hash value of the object", I do not think we should be so hard-nosed. The above clearly implies that there is such a thing as the Python hash value for an object. And indeed, that has been true across many versions. If we had written "Return a hash value for the object, which can vary from run to run", the case would be different.
-- Terry Jan Reedy
- Previous message: [Python-Dev] Status of the fix for the hash collision ulnerability
- Next message: [Python-Dev] Status of the fix for the hash collision vulnerability
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]