mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-22 01:35:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

- Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED

Browse source 
environment variable, to provide an opt-in way to protect against denial of
  service attacks due to hash collisions within the dict and set types.  Patch
  by David Malcolm, based on work by Victor Stinner.
This commit is contained in:
Barry Warsaw 2012-02-20 20:42:21 -05:00
parent f5a5beb339
commit 1e13eb084f
27 changed files with 706 additions and 152 deletions
Download patch file Download diff file Expand all files Collapse all files

14
Lib/test/test_cmd_line.py
View file

@ -103,6 +103,20 @@ class CmdLineTest(unittest.TestCase):
self.exit_code('-c', 'pass'),
0)
def test_hash_randomization(self):
# Verify that -R enables hash randomization:
self.verify_valid_flag('-R')
hashes = []
for i in range(2):
code = 'print(hash("spam"))'
data = self.start_python('-R', '-c', code)
hashes.append(data)
self.assertNotEqual(hashes[0], hashes[1])
# Verify that sys.flags contains hash_randomization
code = 'import sys; print sys.flags'
data = self.start_python('-R', '-c', code)
self.assertTrue('hash_randomization=1' in data)
def test_main():
test.test_support.run_unittest(CmdLineTest)