Message 151942 - Python tracker (original) (raw)

On Wed, Jan 25, 2012 at 7:45 AM, Dave Malcolm <report@bugs.python.org>wrote:

Dave Malcolm <dmalcolm@redhat.com> added the comment:

I've found a bug in my patch; insertdict writes the old non-randomized hash value into me_hash at: ep->me_hash = hash; rather than using the randomized hash, leading to issues when tested against a real attack.

I'm looking into fixing it.

---

---

Python tracker <report@bugs.python.org> <http://bugs.python.org/issue13703>

---

What happens if I have a dict with str keys that goes into paranoid mode, and I then do:

class A(object): def init(self, s): self.s = s def eq(self, other): return self.s == other def hash(self): return hash(self.s)

d[A("some str that's a key in d")]

Is it still able to find the value?