Message 186442 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	neologix
Recipients	asvetlov, christian.heimes, gregory.p.smith, jcea, mark.dickinson, neologix, pitrou, python-dev, rhettinger, serhiy.storchaka, skrah, tim.peters, vstinner
Date	2013-04-09.16:51:46
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<CAH_1eM3LoFp0AEaBhQ7_ohZ6De+Oo1wEb30v5L4DxBZ+xEbrHQ@mail.gmail.com>
In-reply-to	<1365524596.94.0.137332823413.issue16427@psf.upfronthosting.co.za>

Content
> I'd expect just casting the pointer type before dereferencing: > > unsigned char p; > ... > hash = (multiplier hash) ^ ((Py_uhash_t )p); > > (don't use size_t, use Py_uhash_t) Is p guaranteed to be size_t aligned? If not, unaligned access can segfault (e.g. on Sparc IIRC). > Also it may make DoS attacks easier. Indeed. And the increase in collision you demonstrated in your previous message worries me (both security and performance wise).

> I'd expect just casting the pointer type before dereferencing:
>
> unsigned char *p;
> ...
> hash = (multiplier * hash) ^ *((Py_uhash_t *)p);
>
> (don't use size_t, use Py_uhash_t)

Is p guaranteed to be size_t aligned?
If not, unaligned access can segfault (e.g. on Sparc IIRC).

> Also it may make DoS attacks easier.

Indeed.
And the increase in collision you demonstrated in your previous
message worries me (both security and performance wise).

History
Date	User	Action	Args
2013-04-09 16:51:46	neologix	set	recipients: + neologix, tim.peters, rhettinger, gregory.p.smith, jcea, mark.dickinson, pitrou, vstinner, christian.heimes, asvetlov, skrah, python-dev, serhiy.storchaka
2013-04-09 16:51:46	neologix	link	issue16427 messages
2013-04-09 16:51:46	neologix	create