[issue14234] CVE-2012-0876 (hash table collisions CPU usage DoS) for embedded copy of expat
Gregory P. Smith
report at bugs.python.org
Wed Mar 14 01:30:07 CET 2012
Gregory P. Smith <greg at krypto.org> added the comment:
A test case for this is also needed.
one that sets the hash seed via the environment variable to a different value for two subprocesses that parse and re-emit an xml document to confirm that all of the xml attributes are present but emitted in a different order indicating that attribute hash randomization was in effect is needed.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue14234>
_______________________________________
More information about the Python-bugs-list
mailing list