From: Jarkko Hietaniemi Date: Wed, 23 Jul 2003 13:28:52 +0000 (+0000) Subject: This should make Stas happy. X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=830b38bd9aba3b182891b9a2d5cae8a220294dee;p=p5sagit%2Fp5-mst-13.2.git This should make Stas happy. p4raw-id: //depot/perl@20182 --- diff --git a/hv.h b/hv.h index c43fc57..e414979 100644 --- a/hv.h +++ b/hv.h @@ -56,13 +56,22 @@ struct xpvhv { * (a) the hashed data being interpreted as "unsigned char" (new since 5.8, * a "char" can be either signed or signed, depending on the compiler) * (b) catering for old code that uses a "char" + * * The "hash seed" feature was added in Perl 5.8.1 to perturb the results * to avoid "algorithmic complexity attacks". + * + * If USE_HASH_SEED is defined, hash randomisation is done by default + * If USE_HASH_SEED_EXPLICIT is defined, hash randomisation is done + * only if the environment variable PERL_HASH_SEED is set. + * For maximal control, one can define PERL_HASH_SEED. + * (see also erl.c:perl_parse()). */ -#if defined(USE_HASH_SEED) || defined(USE_HASH_SEED_EXPLICIT) -# define PERL_HASH_SEED PL_hash_seed -#else -# define PERL_HASH_SEED 0 +#ifndef PERL_HASH_SEED +# if defined(USE_HASH_SEED) || defined(USE_HASH_SEED_EXPLICIT) +# define PERL_HASH_SEED PL_hash_seed +# else +# define PERL_HASH_SEED 0 +# endif #endif #define PERL_HASH(hash,str,len) \ STMT_START { \ diff --git a/perl.c b/perl.c index bfe3ccc..0968e26 100644 --- a/perl.c +++ b/perl.c @@ -901,7 +901,8 @@ setuid perl scripts securely.\n"); /* [perl #22371] Algorimic Complexity Attack on Perl 5.6.1, 5.8.0 * This MUST be done before any hash stores or fetches take place. * If you set PL_hash_seed (and assumedly also PL_hash_seed_set) yourself, - * it is your responsibility to provide a good random seed! */ + * it is your responsibility to provide a good random seed! + * You can also define PERL_HASH_SEED in compile time, see hv.h. */ if (!PL_hash_seed_set) PL_hash_seed = get_hash_seed(); {