develooper Front page | perl.perl5.porters | Postings from November 2003

Re: PL_hash_seed_set vs. PL_new_hash_seed_set

Thread Next
From:
Nicholas Clark
Date:
November 2, 2003 12:02
Subject:
Re: PL_hash_seed_set vs. PL_new_hash_seed_set
Message ID:
20031102200240.GT6287@plum.flirble.org
On Sun, Nov 02, 2003 at 11:22:44AM -0800, Stas Bekman wrote:
> Nicholas Clark wrote:
> 
> >>BTW, can I actually use this?
> >>
> >>perl-5.8.2-ithread -le 'print Internals::hash_seed()'
> >>3088488954
> >>
> >>I never knew about this function. It'd be very helpful to use it in my 
> >>attack generator.
> >
> >
> >It's officially exposed via Hash::Util::hash_seed
> 
> So I shouldn't be using Internals::, right? But Hash::Util::. Same for 
> Hash::Util::HvREHASH?

I'm not sure. I'm happy to say that mod_perl can use them (and only
mod_perl) because very little else out there grovels around in the perl
guts.

> >Question is quite what to do now that we have 2 hash seeds.
> >I'm going to mail p5p with my thoughts on this.
> 
> Sure, let's discuss it there.


OK. I'm not sure what to do:

We have Hash::Util::hash_seed which is documented as exposing the hash seed:

    hash_seed() returns the seed number used to randomise hash ordering.
    Zero means the "traditional" random hash ordering, non-zero means the
    new even more random hash ordering introduced in Perl 5.8.1.

    B<Note that the hash seed is sensitive information>: by knowing it one
    can craft a denial-of-service attack against Perl code, even remotely,
    see L<perlsec/"Algorithmic Complexity Attacks"> for more information.
    B<Do not disclose the hash seed> to people who don't need to know it.
    See also L<perlrun/PERL_HASH_SEED_DEBUG>.


Strictly in 5.8.2 we can honour the first paragraph by returning 0
(or continuing to return PL_hash_seed via Internals::hash_seed, which
will be 0)

On the other hand, given that the example earlier is:

  my $hashes_are_randomised = hash_seed() != 0;

we'd make existing code think that hashes are not now random.
Which is only sort of true.
Most hashes aren't random. But hashes with pathological data inserted
start becoming "random" just like all hashes in 5.8.1


Or we can be differently truthful and return PL_new_hash_seed from
Hash::Util::hash_seed
This will give the seed used on the "random" hashes. But wont be that
honest for most hashes most of the time because they are not random.


If anything I'm minded to make Hash::Util::hash_seed return
PL_new_hash_seed, as this is the useful piece of information
[by adding Internals::new_hash_seed()] but continue
to return PL_hash_seed via Internals::hash_seed().

Thoughts?

Nicholas Clark

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About