Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

DOS attack with hash collisions (Perl rulez)

by LanX (Canon)
on Dec 29, 2011 at 16:28 UTC ( #945526=perlquestion: print w/ replies, xml ) Need Help??
LanX has asked for the wisdom of the Perl Monks concerning the following question:

Hi

Germany's biggest online-newspaper puplished today that most webservers are vulnerable because of hash-collisions in web-languages.

Since they didn't mention Perl, I did some investigation finding this publication

http://www.nruns.com/_downloads/advisory28122011.pdf

So Perl already fixed this in 2003 and the authors used this knowledge to attack the other languages ... xD

see also hash collision DOS

I remember that this issue was mentioned somewhere in the perldocs (IMHO regarding the unpredictable order of storing hash-values)...

Question: Can someone help me find the corresponding perldocs?

Cheers Rolf

Comment on DOS attack with hash collisions (Perl rulez)
Re: DOS attack with hash collisions (Perl rulez)
by RedElk (Hermit) on Dec 29, 2011 at 17:05 UTC

    This what you are looking for?

      Exactly! Thanks! :)

      Cheers Rolf

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://945526]
Approved by ikegami
Front-paged by Arunbear
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (17)
As of 2014-07-31 13:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (248 votes), past polls