Issue #13703: add a way to randomize the hash values of basic types (str, bytes, datetime)

in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated. The environment variable PYTHONHASHSEED and the new command line flag -R control this behavior.
2025-08-31 05:58:33 +00:00 · 2012-02-20 19:54:16 +01:00 · 2012-02-20 19:54:16 +01:00 · 2daf6ae249
commit 2daf6ae249
parent ec1712a166
32 changed files with 660 additions and 152 deletions
--- a/Modules/main.c
+++ b/Modules/main.c
@ -47,7 +47,7 @@ static wchar_t **orig_argv;
 static int  orig_argc;

 /* command line options */
-#define BASE_OPTS L"bBc:dEhiJm:OsStuvVW:xX?"
+#define BASE_OPTS L"bBc:dEhiJm:ORsStuvVW:xX?"

 #define PROGRAM_OPTS BASE_OPTS

@ -72,6 +72,9 @@ static char *usage_2 = "\
 -m mod : run library module as a script (terminates option list)\n\
 -O     : optimize generated bytecode slightly; also PYTHONOPTIMIZE=x\n\
 -OO    : remove doc-strings in addition to the -O optimizations\n\
+-R     : use a pseudo-random salt to make hash() values of various types be\n\
+         unpredictable between separate invocations of the interpreter, as\n\
+         a defence against denial-of-service attacks\n\
 -s     : don't add user site directory to sys.path; also PYTHONNOUSERSITE\n\
 -S     : don't imply 'import site' on initialization\n\
 ";
@ -99,6 +102,12 @@ PYTHONHOME   : alternate <prefix> directory (or <prefix>%c<exec_prefix>).\n\
 PYTHONCASEOK : ignore case in 'import' statements (Windows).\n\
 PYTHONIOENCODING: Encoding[:errors] used for stdin/stdout/stderr.\n\
 ";
+static char *usage_6 = "\
+PYTHONHASHSEED: if this variable is set to ``random``, the effect is the same \n\
+   as specifying the :option:`-R` option: a random value is used to seed the\n\
+   hashes of str, bytes and datetime objects.  It can also be set to an integer\n\
+   in the range [0,4294967295] to get hash values with a predictable seed.\n\
+";

 #ifndef MS_WINDOWS
 static FILE*
@ -136,6 +145,7 @@ usage(int exitcode, wchar_t* program)
        fputs(usage_3, f);
        fprintf(f, usage_4, DELIM);
        fprintf(f, usage_5, DELIM, PYTHONHOMEHELP);
+        fputs(usage_6, f);
    }
 #if defined(__VMS)
    if (exitcode == 0) {
@ -373,6 +383,10 @@ Py_Main(int argc, wchar_t **argv)
            PySys_AddWarnOption(_PyOS_optarg);
            break;

+        case 'R':
+            Py_HashRandomizationFlag++;
+            break;
+
        /* This space reserved for other options */

        default: