[issue13703] Hash collision security issue
STINNER Victor
report at bugs.python.org
Tue Jan 10 23:15:05 CET 2012
STINNER Victor <victor.stinner at haypocalc.com> added the comment:
Patch version 4:
- os.urandom() raises again exceptions on failure
- drop support of VMS (which used RAND_pseudo_bytes from OpenSSL): I don't see how to link Python/random.c to libcrypto on VMS, I don't have VMS, and it don't see how it was working because posixmodule.c was neither linked to libcrypto !?
- fix test_dict, test_gdb, test_builtin
- win32_urandom() handles size bigger than INT_MAX using a loop (it may be DWORD max instead?)
- _PyRandom_Init() does nothing it is called twice to fix a _testembed failure (don't change the Unicode secret because Python stores some strings somewhere and never destroy them)
----------
Added file: http://bugs.python.org/file24196/random-4.patch
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list