
Author vstinner
Recipients Mark.Shannon, christian.heimes, erlendaasland, gvanrossum, lemburg, methane, rhettinger, serhiy.storchaka, vstinner
Date 2021-10-07.09:07:32
Message-id <1633597652.58.0.608313730742.issue29410@roundup.psfhosted.org>
Content
"1.67 us +- 0.03 us: 1.78x faster" with a bytes string of 6k bytes sounds worth it to me.

When we talk about "security" here, we are talking about a denial of service attack on the dict worst case performance:
https://python-security.readthedocs.io/vuln/hash-dos.html

I know that it's not a popular opinion, but I don't think that this denial of service (DoS) is important. IMO there are enough other ways to crash a server. Moreover, the initial attack vector was an HTTP request with tons of header lines. In the meantime, the Python http module was modified to put arbitrary limits on the number of HTTP headers and the maximum length of a single HTTP header.

It's nice to limit the risk of a DoS, but I don't think that we should go too far. If it worked for Rust and Ruby, SipHash-1-3 should be good as well for Python.

I expect an even more interesting speedup with bytes strings longer than 6k bytes. And I'm quite sure that it's common that people manipulate long strings in Python :-)

I retarget this change to Python 3.11. Please don't backport it since it changes the Python build system (configure options).
History
Date User Action Args
2021-10-07 09:07:32 vstinner set recipients: + vstinner, lemburg, gvanrossum, rhettinger, christian.heimes, methane, Mark.Shannon, serhiy.storchaka, erlendaasland
2021-10-07 09:07:32 vstinner set messageid: <1633597652.58.0.608313730742.issue29410@roundup.psfhosted.org>
2021-10-07 09:07:32 vstinner link issue29410 messages
2021-10-07 09:07:32 vstinner create
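
The following is an added example, not part of the original message or of CPython's own code: a defender's check of the two things the message relies on, namely which string hash the running build uses and whether the http module's header limits actually reject an oversized header block. It assumes the private constants `http.client._MAXHEADERS` and `http.client._MAXLINE` (CPython implementation details, read with fallbacks); the helper names and the `X-Sample-*` headers are constructed for the demonstration.

```python
import io
import sys
import http.client

# Private CPython constants (implementation details, may change between
# versions); the fallbacks are assumptions matching long-standing defaults.
MAX_HEADERS = getattr(http.client, "_MAXHEADERS", 100)
MAX_LINE = getattr(http.client, "_MAXLINE", 65536)


def hash_algorithm():
    """Name of the str/bytes hash of this build, e.g. 'siphash24' or 'siphash13'."""
    return sys.hash_info.algorithm


def check_header_block(raw):
    """Parse a raw header block with the parser http.client and http.server share.

    Returns ("ok", header_count) or ("rejected", reason).
    """
    try:
        msg = http.client.parse_headers(io.BytesIO(raw))
    except http.client.LineTooLong as exc:   # one header line over the length cap
        return ("rejected", "line too long: %s" % exc)
    except http.client.HTTPException as exc:  # more header lines than the count cap
        return ("rejected", "too many headers: %s" % exc)
    return ("ok", len(msg))


def build_block(count, value_len=8):
    """Constructed sample input: `count` distinct headers, then the blank line."""
    lines = [b"X-Sample-%d: %s\r\n" % (i, b"a" * value_len) for i in range(count)]
    return b"".join(lines) + b"\r\n"


if __name__ == "__main__":
    print("hash algorithm:", hash_algorithm())
    print("limits: %d headers, %d bytes per line" % (MAX_HEADERS, MAX_LINE))
    cases = {
        "10 headers": build_block(10),
        "over the header count": build_block(MAX_HEADERS + 50),
        "one oversized header": build_block(1, MAX_LINE + 10),
    }
    for label, raw in cases.items():
        print("%-22s -> %s" % (label, check_header_block(raw)))
```

These limits bound how many attacker-chosen header names reach a dict per request; they do not cover other inputs an application turns into dict keys, such as parsed request bodies.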