FWIW the quick change i pastebin'ed is basically covered by the change already under review in <a href="http://bugs.python.org/review/13704/show">http://bugs.python.org/review/13704/show</a>. I've made my comments and suggestions there.<div>
<br></div><div>I looked into Modules/expat/xmlparse.c and it has an odd copy of the old string hash algorithm entirely for its own internal use and its own internal hash table implementations. That module is likely vulnerable to creatively crafted documents for the same reason. With 13704 and the public API it provides to get the random hash seed, that module could simply be updated to use that in its own hash implementation.</div>
<div><br></div><div>As for when to enable it or not, I unfortunately have to agree, despite my wild desires we can't turn on the hash randomization change by default in anything prior to 3.3.</div><div><br></div><div>
-gps</div><div><br><div class="gmail_quote">On Sat, Jan 14, 2012 at 11:17 AM, Gregory P. Smith <span dir="ltr"><<a href="mailto:greg@krypto.org">greg@krypto.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<p>My patch example does change the bytes object hash as well as Unicode.</p><div class="HOEnZb"><div class="h5">
<div class="gmail_quote">On Jan 13, 2012 7:46 PM, <<a href="mailto:martin@v.loewis.de" target="_blank">martin@v.loewis.de</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
What an implementation looks like:<br>
<br>
<a href="http://pastebin.com/9ydETTag" target="_blank">http://pastebin.com/9ydETTag</a><br>
<br>
some stuff to be filled in, but this is all that is really required.<br>
</blockquote>
<br>
I think this statement (and the patch) is wrong. You also need to change<br>
the byte string hashing, at least for 2.x. This I consider the biggest<br>
flaw in that approach - other people may have written string-like objects<br>
which continue to compare equal to a string but now hash different.<br>
<br>
Regards,<br>
Martin<br>
<br>
<br>
______________________________<u></u>_________________<br>
Python-Dev mailing list<br>
<a href="mailto:Python-Dev@python.org" target="_blank">Python-Dev@python.org</a><br>
<a href="http://mail.python.org/mailman/listinfo/python-dev" target="_blank">http://mail.python.org/<u></u>mailman/listinfo/python-dev</a><br>
Unsubscribe: <a href="http://mail.python.org/mailman/options/python-dev/greg%40krypto.org" target="_blank">http://mail.python.org/<u></u>mailman/options/python-dev/<u></u>greg%40krypto.org</a><br>
</blockquote></div>
</div></div></blockquote></div><br></div>