On Fri, 2012-01-20 at 16:55 +0100, Frank Sievertsen wrote:
Hello,
I still see at least two ways to create a DOS attack even with the collison-counting-patch.
[snip description of two types of attack on the collision counting approach]
What to do now? I think it's not smart to reduce the number of allowed collisions dramatically AND count all slot-collisions at the same time.
Frank: did you see the new approach I proposed in: http://bugs.python.org/issue13703#msg151735 http://bugs.python.org/file24289/amortized-probe-counting-dmalcolm-2012-01-2... (repurposes the ma_smalltable region of large dictionaries to add tracking of each such dict's average iterations taken per modification, and raise an exception when it exceeds a particular ratio) I'm interested in hearing how it holds up against your various test cases, or what flaws there are in it. Thanks! Dave