Issue #13703: add a way to randomize the hash values of basic types (str, bytes, datetime) in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated. The environment variable PYTHONHASHSEED and the new command line flag -R control this behavior.

commit: 2daf6ae2495c862adf8bc717bfe9964081ea0b10 [log] [tgz]
author: Georg Brandl <georg@python.org> Mon Feb 20 19:54:16 2012 +0100
committer: Georg Brandl <georg@python.org> Mon Feb 20 19:54:16 2012 +0100
tree: ebd7efe668e4f7842c6d51bdbde47b00f92a57db
parent: ec1712a1662282c909b4cd4cc0c7486646bc9246 [diff] [blame]
diff --git a/Modules/datetimemodule.c b/Modules/datetimemodule.c
index 0ac51aa..f3103ea 100644
--- a/Modules/datetimemodule.c
+++ b/Modules/datetimemodule.c

@@ -2566,10 +2566,12 @@
     register long x;
 
     p = (unsigned char *) data;
-    x = *p << 7;
+    x = _Py_HashSecret.prefix;
+    x ^= *p << 7;
     while (--len >= 0)
         x = (1000003*x) ^ *p++;
     x ^= len;
+    x ^= _Py_HashSecret.suffix;
     if (x == -1)
         x = -2;
commit	2daf6ae2495c862adf8bc717bfe9964081ea0b10	[log] [tgz]
author	Georg Brandl <georg@python.org>	Mon Feb 20 19:54:16 2012 +0100
committer	Georg Brandl <georg@python.org>	Mon Feb 20 19:54:16 2012 +0100
tree	ebd7efe668e4f7842c6d51bdbde47b00f92a57db
parent	ec1712a1662282c909b4cd4cc0c7486646bc9246 [diff] [blame]