[Python-Dev] Status of the fix for the hash collision vulnerability

Antoine Pitrou solipsis at pitrou.net
Sat Jan 14 09:33:28 CET 2012

• Previous message: [Python-Dev] Status of the fix for the hash collision vulnerability
• Next message: [Python-Dev] Status of the fix for the hash collision vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

On 2012年1月14日 13:55:22 +1100
Steven D'Aprano <steve at pearwood.info> wrote:
> On 14/01/12 12:58, Gregory P. Smith wrote:
>> > I do like *randomly seeding the hash*. *+1*. This is easy. It can easily be
> > back ported to any Python version.
> >
> > It is perfectly okay to break existing users who had anything depending on
> > ordering of internal hash tables. Their code was already broken.
>> For the record:
>> steve at runes:~$ python -c "print(hash('spam ham'))"
> -376510515
> steve at runes:~$ jython -c "print(hash('spam ham'))"
> 2054637885

Not to mention:
$ ./python -c "print(hash('spam ham'))"
-6071355389066156083
(64-bit CPython)
Regards
Antoine.

---

• Previous message: [Python-Dev] Status of the fix for the hash collision vulnerability
• Next message: [Python-Dev] Status of the fix for the hash collision vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-Dev mailing list