[issue13703] Hash collision security issue
Antoine Pitrou
report at bugs.python.org
Sat Jan 21 15:27:10 CET 2012
Antoine Pitrou <pitrou at free.fr> added the comment:
> Thoughts? (apart from "ugh! it's ugly!" yes I know - it's late here)
Is it guaranteed that no usage pattern can render this protection
inefficient? What if a dict is constructed by intermingling lookups and
inserts?
Similarly, what happens with e.g. the common use case of
dictdefault(list), where you append() after the lookup/insert? Does some
key distribution allow the attack while circumventing the protection?
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list