[issue13703] Hash collision security issue
Antoine Pitrou
report at bugs.python.org
Tue Jan 10 15:26:57 CET 2012
Antoine Pitrou <pitrou at free.fr> added the comment:
> Version 3 of my patch:
> - Add PYTHONHASHSEED environment variable to get a fixed seed or to
> disable the randomized hash function (PYTHONHASHSEED=0)
> - Add tests on the randomized hash function
> - Add more tests on os.urandom()
You forgot random.c.
+ PyErr_SetString(PyExc_RuntimeError, "Fail to generate random
bytes");
I would put an OSError and preserve the errno.
+ def test_null_hash(self):
+ # PYTHONHASHSEED=0 disables the randomized hash
+ self.assertEqual(self.get_hash("abc", 0), -1600925533)
+
+ def test_fixed_hash(self):
+ # test a fixed seed for the randomized hash
+ self.assertEqual(self.get_hash("abc", 42), -206076799)
This is portable on both 32-bit and 64-bit builds?
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list