[Python-Dev] Hash collision security issue (now public)
Guido van Rossum
guido at python.org
Sun Jan 1 01:11:12 CET 2012
On Sat, Dec 31, 2011 at 4:56 PM, Guido van Rossum <guido at python.org> wrote:
> PS. I would propose a specific fix but I can't seem to build a working
> CPython from the trunk on my laptop (OS X 10.6, Xcode 4.1). I get this
> error late in the build:
>
> ./python.exe -SE -m sysconfig --generate-posix-vars
> Fatal Python error: Py_Initialize: can't initialize sys standard streams
> Traceback (most recent call last):
> File "/Users/guido/cpython/Lib/io.py", line 60, in <module>
> make: *** [Lib/_sysconfigdata.py] Abort trap
>
FWIW I managed to build Python 2.6, and a trivial mutation of the
string/unicode hash function (add 1 initially) made only three tests fail;
test_symtable and test_json both have a dependency on dictionary order,
test_ctypes I can't quite figure out what's going on.
Oh, and an unrelated failure in test_sqlite:
File "/Users/guido/pythons/p26/Lib/sqlite3/test/types.py", line 355, in
CheckSqlTimestamp
self.failUnlessEqual(ts.year, now.year)
AssertionError: 2012 != 2011
I betcha that's because it's still 2011 here in Texas but already 2012 in
UTC-land. Happy New Year everyone! :-)
--
--Guido van Rossum (python.org/~guido)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20111231/c84bb2b5/attachment.html>
More information about the Python-Dev
mailing list