[issue13703] Hash collision security issue
report at bugs.python.org
Thu Jan 5 11:20:27 CET 2012
Christian Heimes <lists at cheimes.de> added the comment:
It's quite possible that a user has created a function (by mistake or deliberately) that gives away the hash of an arbitrary string. We haven't taught developers that (s)he shouldn't disclose the hash of a string.
> Why should hash("") always return 0?
> I can't find it in the docs anywhere.
hash("") should return something constant that doesn't reveal information about the random seeds. 0 is an arbitrary choice that is as good as anything else. hash("") already returns 0, hence my suggestion for 0.
Python tracker <report at bugs.python.org>
More information about the Python-bugs-list