[Cython] Hash-based vtables
Stefan Behnel
stefan_ml at behnel.de
Tue Jun 5 09:25:44 CEST 2012
Dag Sverre Seljebotn, 04.06.2012 21:44:
> This can cause crashes/stack smashes
> etc. if there's lower-64bit-of-md5 collisions, but a) the
> probability is incredibly small, b) it would only matter in
> situations that should cause an AttributeError anyway, c) if we
> really care, we can always use an interning-like mechanism to
> validate on module loading that its hashes doesn't collide with
> other hashes (and raise an exception "Congratulations, you've
> discovered a phenomenal md5 collision, get in touch with cython
> devs and we'll work around it right away").
I'm not a big fan of such an attitude. If this happens at runtime, it can
induce any cost from cheap-at-test-time to hugely-expensive-in-production.
Thinking with my evil hat on, this can potentially be data triggered from
the outside (e.g. if a JIT compiler is involved at one end), thus possibly
even leading to a security hole.
We should try to produce software that others can build a business on.
Stefan
More information about the cython-devel
mailing list