STINNER Victor <[email protected]> added the comment:
Christian Heimes proposes the following change in its randomhash branch (see
issue #13704):
- x = (Py_uhash_t) *p << 7;
+ x = Py_RndHashSeed + ((Py_uhash_t) *p << 7);
for (i = 0; i < len; i++)
x = (1000003U * x) ^ (Py_uhash_t) *p++;
x ^= (Py_uhash_t) len;
This change doesn't add any security if the attacker can inject any string and
retreive the hash value. You can retreive directly Py_RndHashSeed using:
Py_RndHashSeed = intmask((hash("a") ^ len("a") ^ ord("a")) * DIVIDE) -
(ord("a") << 7)
where intmask() truncates to a long (x mod 2^(long bits)) and DIVIDE =
1/1000003 mod 2^(long bits). For example, DIVIDE=2021759595 for 32 bits long.
----------
_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue13703>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
