mirror of
https://github.com/python/cpython.git
synced 2025-08-04 00:48:58 +00:00
Issue #13703: add a way to randomize the hash values of basic types (str, bytes, datetime)
in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated. The environment variable PYTHONHASHSEED and the new command line flag -R control this behavior.
This commit is contained in:
Georg Brandl
parent
ec1712a166
commit
2daf6ae249
32 changed files with 660 additions and 152 deletions
17
Lib/os.py
17
Lib/os.py
|
|
@ -611,23 +611,6 @@ try:
|
|||
except NameError: # statvfs_result may not exist
|
||||
pass
|
||||
|
||||
if not _exists("urandom"):
|
||||
def urandom(n):
|
||||
"""urandom(n) -> str
|
||||
|
||||
Return a string of n random bytes suitable for cryptographic use.
|
||||
|
||||
"""
|
||||
try:
|
||||
_urandomfd = open("/dev/urandom", O_RDONLY)
|
||||
except (OSError, IOError):
|
||||
raise NotImplementedError("/dev/urandom (or equivalent) not found")
|
||||
bs = b""
|
||||
while len(bs) < n:
|
||||
bs += read(_urandomfd, n - len(bs))
|
||||
close(_urandomfd)
|
||||
return bs
|
||||
|
||||
# Supply os.popen()
|
||||
def popen(cmd, mode="r", buffering=-1):
|
||||
if not isinstance(cmd, str):
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue