bpo-32329: Fix -R option for hash randomization (#4873)

bpo-32329, bpo-32030: * The -R option now turns on hash randomization when the PYTHONHASHSEED environment variable is set to 0 Previously, the option was ignored. * sys.flags.hash_randomization is now properly set to 0 when hash randomization is turned off by PYTHONHASHSEED=0. * _PyCoreConfig_ReadEnv() now reads the PYTHONHASHSEED environment variable. _Py_HashRandomization_Init() now only apply the configuration, it doesn't read PYTHONHASHSEED anymore.
2025-08-03 16:39:00 +00:00 · 2017-12-15 00:51:22 +01:00 · 2017-12-15 00:51:22 +01:00 · 358e5e17a5
commit 358e5e17a5
parent 96a5e50a5d
6 changed files with 63 additions and 39 deletions
--- a/Python/bootstrap_hash.c
+++ b/Python/bootstrap_hash.c
@ -533,9 +533,10 @@ _PyOS_URandomNonblock(void *buffer, Py_ssize_t size)
    return pyurandom(buffer, size, 0, 1);
 }

-int Py_ReadHashSeed(const char *seed_text,
-                    int *use_hash_seed,
-                    unsigned long *hash_seed)
+int
+_Py_ReadHashSeed(const char *seed_text,
+                 int *use_hash_seed,
+                 unsigned long *hash_seed)
 {
    Py_BUILD_ASSERT(sizeof(_Py_HashSecret_t) == sizeof(_Py_HashSecret.uc));
    /* Convert a text seed to a numeric one */
@ -561,9 +562,9 @@ int Py_ReadHashSeed(const char *seed_text,
    return 0;
 }

-static _PyInitError
-init_hash_secret(int use_hash_seed,
-                 unsigned long hash_seed)
+
+_PyInitError
+_Py_HashRandomization_Init(const _PyCoreConfig *config)
 {
    void *secret = &_Py_HashSecret;
    Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
@ -573,14 +574,14 @@ init_hash_secret(int use_hash_seed,
    }
    _Py_HashSecret_Initialized = 1;

-    if (use_hash_seed) {
-        if (hash_seed == 0) {
+    if (config->use_hash_seed) {
+        if (config->hash_seed == 0) {
            /* disable the randomized hash */
            memset(secret, 0, secret_size);
        }
        else {
            /* use the specified hash seed */
-            lcg_urandom(hash_seed, secret, secret_size);
+            lcg_urandom(config->hash_seed, secret, secret_size);
        }
    }
    else {
@ -601,24 +602,6 @@ init_hash_secret(int use_hash_seed,
    return _Py_INIT_OK();
 }

-_PyInitError
-_Py_HashRandomization_Init(_PyCoreConfig *core_config)
-{
-    const char *seed_text;
-    int use_hash_seed = core_config->use_hash_seed;
-    unsigned long hash_seed = core_config->hash_seed;
-
-    if (use_hash_seed < 0) {
-        seed_text = Py_GETENV("PYTHONHASHSEED");
-        if (Py_ReadHashSeed(seed_text, &use_hash_seed, &hash_seed) < 0) {
-            return _Py_INIT_USER_ERR("PYTHONHASHSEED must be \"random\" "
-                                     "or an integer in range [0; 4294967295]");
-        }
-        core_config->use_hash_seed = use_hash_seed;
-        core_config->hash_seed = hash_seed;
-    }
-    return init_hash_secret(use_hash_seed, hash_seed);
-}

 void
 _Py_HashRandomization_Fini(void)