From: Jarkko Hietaniemi Date: Mon, 8 Sep 2003 21:09:34 +0000 (+0000) Subject: Retract #21096, mostly: I had misexplained the situation X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=9a7034eb2c2d4f0ed795b3c479d700ded086d7e8;p=p5sagit%2Fp5-mst-13.2.git Retract #21096, mostly: I had misexplained the situation to Scott A. Crosby. Seeing the seed value while not good for the ultimate paranoia viewpoint is not that bad, as long as the users are fully aware of the dangers of disclosing the hash seed. So hash_seed() is okay. Being able to see the hash values (as in Java) would be another option, but dubious: it's not that per-key hash values themselves are bad to allow scripts to see, but rather that hash values are just as sensitive (from the DoSing viewpoint) as the hash seed itself (and there usually more hash values than the one hash seed....) p4raw-id: //depot/perl@21112 --- diff --git a/lib/Hash/Util.pm b/lib/Hash/Util.pm index 7c528a2..8e8c952 100644 --- a/lib/Hash/Util.pm +++ b/lib/Hash/Util.pm @@ -7,7 +7,7 @@ use Carp; require Exporter; our @ISA = qw(Exporter); our @EXPORT_OK = qw(lock_keys unlock_keys lock_value unlock_value - lock_hash unlock_hash hashes_random + lock_hash unlock_hash hash_seed ); our $VERSION = 0.05; @@ -20,7 +20,7 @@ Hash::Util - A selection of general-utility hash subroutines use Hash::Util qw(lock_keys unlock_keys lock_value unlock_value lock_hash unlock_hash - hashes_random); + hash_seed); %hash = (foo => 42, bar => 23); lock_keys(%hash); @@ -33,7 +33,7 @@ Hash::Util - A selection of general-utility hash subroutines lock_hash (%hash); unlock_hash(%hash); - my $hashes_random = hashes_random(); + my $hashes_are_randomised = hash_seed() != 0; =head1 DESCRIPTION @@ -179,18 +179,18 @@ sub unlock_hash (\%) { } -=item B +=item B - my $hashes_random = hashes_random(); + my $hash_seed = hash_seed(); -hashes_random() returns true if Perl hashes are randomised as in Perl -5.8.1 and later, false if Perl hashes have a predictable order as in -Perl 5.8.0 and earlier. +hash_seed() returns the seed number used to randomise hash ordering. +Zero means the "traditional" random hash ordering, non-zero means the +new even more random hash ordering introduced in Perl 5.8.1. =cut -sub hashes_random () { - Internals::hashes_random(); +sub hash_seed () { + Internals::hash_seed(); } =back diff --git a/lib/Hash/Util.t b/lib/Hash/Util.t index b1a32a1..48cbc7c 100644 --- a/lib/Hash/Util.t +++ b/lib/Hash/Util.t @@ -6,7 +6,7 @@ BEGIN { chdir 't'; } } -use Test::More tests => 155; +use Test::More tests => 157; use strict; my @Exported_Funcs; @@ -14,6 +14,7 @@ BEGIN { @Exported_Funcs = qw(lock_keys unlock_keys lock_value unlock_value lock_hash unlock_hash + hash_seed ); use_ok 'Hash::Util', @Exported_Funcs; } @@ -273,3 +274,5 @@ like( $@, qr/^Attempt to access disallowed key 'I_DONT_EXIST' in a restricted ha } } +my $hash_seed = hash_seed(); +ok($hash_seed >= 0, "hash_seed $hash_seed"); diff --git a/pod/perlrun.pod b/pod/perlrun.pod index 299cbf9..7f32e94 100644 --- a/pod/perlrun.pod +++ b/pod/perlrun.pod @@ -1150,7 +1150,7 @@ seed is sensitive information>: by knowing it one can craft a denial-of-service attack against Perl code, even remotely, see L for more information. B to people who don't need to know it. -See also hashes_random() of L. +See also hash_seed() of L. =item PERL_ROOT (specific to the VMS port) diff --git a/universal.c b/universal.c index dc9e253..15c408d 100644 --- a/universal.c +++ b/universal.c @@ -187,7 +187,7 @@ XS(XS_Internals_SvREFCNT); XS(XS_Internals_hv_clear_placehold); XS(XS_PerlIO_get_layers); XS(XS_Regexp_DESTROY); -XS(XS_Internals_hashes_random); +XS(XS_Internals_hash_seed); void Perl_boot_core_UNIVERSAL(pTHX) @@ -231,7 +231,7 @@ Perl_boot_core_UNIVERSAL(pTHX) newXSproto("PerlIO::get_layers", XS_PerlIO_get_layers, file, "*;@"); newXS("Regexp::DESTROY", XS_Regexp_DESTROY, file); - newXSproto("Internals::hashes_random",XS_Internals_hashes_random, file, ""); + newXSproto("Internals::hash_seed",XS_Internals_hash_seed, file, ""); } @@ -908,9 +908,9 @@ XS(XS_PerlIO_get_layers) XSRETURN(0); } -XS(XS_Internals_hashes_random) +XS(XS_Internals_hash_seed) { dXSARGS; - XSRETURN_IV(PL_hash_seed ? 1 : 0); + XSRETURN_UV(PL_hash_seed); }