This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Mark.Shannon
Recipients Arach, Arfrever, Huzaifa.Sidhpurwala, Mark.Shannon, PaulMcMillan, Zhiping.Deng, alex, barry, benjamin.peterson, christian.heimes, dmalcolm, eric.araujo, georg.brandl, gvanrossum, gz, jcea, lemburg, pitrou, skrah, terry.reedy, tim.peters, v+python, vstinner, zbysz
Date 2012-01-11.14:55:54
SpamBayes Score 0.0016439868
Marked as misclassified No
Message-id <4F0DA2FD.9060209@hotpy.org>
In-reply-to <4F0D9DE3.6010509@egenix.com>
Content
>>>  * the method would need to be implemented for all hashable Python types
>> It was already discussed, and it was said that only hash(str) need to
>> be modified.
> 
> Really ? What about the much simpler attack on integer hash values ?
> 
> You only have to send a specially crafted JSON dictionary with integer
> keys to a Python web server providing JSON interfaces in order to
> trigger the integer hash attack.

JSON objects are decoded as dicts with string keys, integers keys are 
not possible.

 >>> json.loads(json.dumps({1:2}))
{'1': 2}
History
Date User Action Args
2012-01-11 14:55:55Mark.Shannonsetrecipients: + Mark.Shannon, lemburg, gvanrossum, tim.peters, barry, georg.brandl, terry.reedy, jcea, pitrou, vstinner, christian.heimes, benjamin.peterson, eric.araujo, Arfrever, v+python, alex, zbysz, skrah, dmalcolm, gz, Arach, Zhiping.Deng, Huzaifa.Sidhpurwala, PaulMcMillan
2012-01-11 14:55:54Mark.Shannonlinkissue13703 messages
2012-01-11 14:55:54Mark.Shannoncreate