Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

DOS attack with hash collisions (Perl rulez)

by LanX (Canon)
on Dec 29, 2011 at 16:28 UTC ( #945526=perlquestion: print w/ replies, xml ) Need Help??
LanX has asked for the wisdom of the Perl Monks concerning the following question:

Hi

Germany's biggest online-newspaper puplished today that most webservers are vulnerable because of hash-collisions in web-languages.

Since they didn't mention Perl, I did some investigation finding this publication

http://www.nruns.com/_downloads/advisory28122011.pdf

So Perl already fixed this in 2003 and the authors used this knowledge to attack the other languages ... xD

see also hash collision DOS

I remember that this issue was mentioned somewhere in the perldocs (IMHO regarding the unpredictable order of storing hash-values)...

Question: Can someone help me find the corresponding perldocs?

Cheers Rolf

Comment on DOS attack with hash collisions (Perl rulez)
Re: DOS attack with hash collisions (Perl rulez)
by RedElk (Hermit) on Dec 29, 2011 at 17:05 UTC

    This what you are looking for?

      Exactly! Thanks! :)

      Cheers Rolf

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://945526]
Approved by ikegami
Front-paged by Arunbear
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (4)
As of 2014-07-26 02:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (175 votes), past polls