[Python-Dev] Hash collision security issue (now public)
storchaka at gmail.com
Thu Jan 5 23:15:31 CET 2012
05.01.12 21:14, Glenn Linderman написав(ла):
> So, fixing the vulnerable packages could be a sufficient response,
> rather than changing the hash function. How to fix? Each of those
> above allocates and returns a dict. Simply have each of those allocate
> and return and wrapped dict, which has the following behaviors:
> i) during __init__, create a local, random, string.
> ii) for all key values, prepend the string, before passing it to the
> internal dict.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1923 bytes
Desc: not available
More information about the Python-Dev