[Python-Dev] Status of the fix for the hash collision vulnerability (original) (raw)
Antoine Pitrou solipsis at pitrou.net
Sat Jan 14 09:33:28 CET 2012
- Previous message: [Python-Dev] Status of the fix for the hash collision vulnerability
- Next message: [Python-Dev] Status of the fix for the hash collision vulnerability
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, 14 Jan 2012 13:55:22 +1100 Steven D'Aprano <steve at pearwood.info> wrote:
On 14/01/12 12:58, Gregory P. Smith wrote:
> I do like randomly seeding the hash. +1. This is easy. It can easily be > back ported to any Python version. > > It is perfectly okay to break existing users who had anything depending on > ordering of internal hash tables. Their code was already broken. For the record: steve at runes:~$ python -c "print(hash('spam ham'))" -376510515 steve at runes:~$ jython -c "print(hash('spam ham'))" 2054637885
Not to mention:
$ ./python -c "print(hash('spam ham'))" -6071355389066156083
(64-bit CPython)
Regards
Antoine.
- Previous message: [Python-Dev] Status of the fix for the hash collision vulnerability
- Next message: [Python-Dev] Status of the fix for the hash collision vulnerability
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]