/* hv.h
*
- * Copyright (c) 1991-2002, Larry Wall
+ * Copyright (C) 1991, 1992, 1993, 1996, 1997, 1998, 1999,
+ * 2000, 2001, 2002, by Larry Wall and others
*
* You may distribute under the terms of either the GNU General Public
* License or the Artistic License, as specified in the README file.
I32 hek_len; /* length of hash key */
char hek_key[1]; /* variable-length hash key */
/* the hash-key is \0-terminated */
- /* after the \0 there is a byte for flags, such as whether the key is
- UTF8 */
+ /* after the \0 there is a byte for flags, such as whether the key
+ is UTF-8 */
};
/* hash structure: */
* (a) the hashed data being interpreted as "unsigned char" (new since 5.8,
* a "char" can be either signed or signed, depending on the compiler)
* (b) catering for old code that uses a "char"
+ *
+ * The "hash seed" feature was added in Perl 5.8.1 to perturb the results
+ * to avoid "algorithmic complexity attacks".
+ *
+ * If USE_HASH_SEED is defined, hash randomisation is done by default
+ * If USE_HASH_SEED_EXPLICIT is defined, hash randomisation is done
+ * only if the environment variable PERL_HASH_SEED is set.
+ * For maximal control, one can define PERL_HASH_SEED.
+ * (see also erl.c:perl_parse()).
*/
+#ifndef PERL_HASH_SEED
+# if defined(USE_HASH_SEED) || defined(USE_HASH_SEED_EXPLICIT)
+# define PERL_HASH_SEED PL_hash_seed
+# else
+# define PERL_HASH_SEED 0
+# endif
+#endif
#define PERL_HASH(hash,str,len) \
STMT_START { \
register const char *s_PeRlHaSh_tmp = str; \
register const unsigned char *s_PeRlHaSh = (const unsigned char *)s_PeRlHaSh_tmp; \
register I32 i_PeRlHaSh = len; \
- register U32 hash_PeRlHaSh = 0; \
+ register U32 hash_PeRlHaSh = PERL_HASH_SEED; \
while (i_PeRlHaSh--) { \
hash_PeRlHaSh += *s_PeRlHaSh++; \
hash_PeRlHaSh += (hash_PeRlHaSh << 10); \