Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Re^4: Hash key composition with a comma?

by Your Mother (Bishop)
on Mar 17, 2018 at 18:34 UTC ( #1211158=note: print w/replies, xml ) Need Help??


in reply to Re^3: Hash key composition with a comma?
in thread Hash key composition with a comma?

An example, AKA proof, is actually necessary when one makes an assertion in the sciences. That you bloviated instead of backing up the statement is plenty of proof for my own assertions.

  • Comment on Re^4: Hash key composition with a comma?

Replies are listed 'Best First'.
Re^5: Hash key composition with a comma?
by LanX (Archbishop) on Mar 18, 2018 at 00:39 UTC
    I second you, cause it's very hard to construct a scenario where multi dim hashes cause a bug, even if the programmer was so naive to allow random keys.

    And the statement:

    > If your data contains the separator-character, the code breaks. 

    Is not true. The constructed key would have more separator characters but wouldn't "break".

    I'd really like to see a believable example, maybe I am missing something?

    Cheers Rolf
    (addicted to the Perl Programming Language and ☆☆☆☆ :)
    Wikisyntax for the Monastery

      Not sure if believable, but imagine
      my $k1a = "a$;b"; my $k1b = 'c'; my $k2a = 'a'; my $k2b = "b$;c"; $multi{$k1a, $k1b} = 1; $multi{$k2a, $k2b} = 2; print $multi{$k1a, $k1b}; # 2!!
      ($q=q:Sq=~/;[c](.)(.)/;chr(-||-|5+lengthSq)`"S|oS2"`map{chr |+ord }map{substrSq`S_+|`|}3E|-|`7**2-3:)=~y+S|`+$1,++print+eval$q,q,a,
        Yes that's pretty much the example I came up with, only after thinking hard.

        "Karl-Heinz Urban" and "Karl Heinz-Urban" would get the same entry for $age{$first,$family} if $; was "-" and consequently a Hollywood actor would change age. (This never happens normally ;)

        But you first need to construct such a collision which results in data loss.

        Intuition (and AM) says "one injected delimiter and it breaks" like $b='x"y';eval qq {$a="$b"} breaks.

        But that's not the case, you need a coincidence where both keys are polluted in a very specific way.

        And a hash with polluted entries will continue to work normally as long as Mr "Heinz-Urban" doesn't show up.

        I'd like to see a more believable scenario.

        NB: Of course I wouldn't allow polluted keys in the first way.

        Cheers Rolf
        (addicted to the Perl Programming Language and ☆☆☆☆ :)
        Wikisyntax for the Monastery

        PS : AM is thanking you for doing his "homework"! ;)

        I haven't researched this, but a coworker just suggested to me that a credible cause of this in the wild might be some unicode pollution in input expected to be ascii.

        If she's right, perhaps it's not so far-fetched.

        -sauoq
        "My two cents aren't worth a dime.";
Re^5: Hash key composition with a comma?
by sauoq (Abbot) on Mar 18, 2018 at 13:25 UTC
    An example, AKA proof, is actually necessary when one makes an assertion in the sciences.

    Firstly, examples are not proofs "in the sciences" unless they are counterexamples.

    Secondly, this is misplaced pedantry. It really is quite obvious that, when you rely on metacharacters, your data had better not inadvertently include them. This is not an assertion that needs to be proven to anybody with a modicum of programming experience. AM was entirely correct on that point.

    I'll agree that AM's admonition against using the feature was hyperbolic. Sometimes it is better to avoid the pitfalls of some language feature than it is to avoid the feature itself. And we are entirely capable of doing so. (As Rolf points out.)

    -sauoq
    "My two cents aren't worth a dime.";
      > Firstly, examples are not proofs "in the sciences" unless they are counterexamples

      Yeah, but effectively that's what Your Mother was asking for, a counterexample for the thesis that multidimensional hashes are safe.

      Hence a "proof" according to you. ;)

      update

      to elaborate more: every example proofs something, but not every proof needs an example.

      Or in formal notation:

      Example => Proof

      So of course YM's "aka" is not correct in mathematics.

      But in IT it's important to see how likely a problem is, because nothing is without risk.

      For instance the same problem might be easily solved with multidimensional keys, where hashes of hashes have a higher risk to run out of space or to be vulnerable of bugs because of higher algorithmic complexity.

      Cheers Rolf
      (addicted to the Perl Programming Language and ☆☆☆☆ :)
      Wikisyntax for the Monastery

        Yeah, but effectively that's what Your Mother was asking for, a counterexample for the thesis that multidimensional hashes are safe. . . . So of course YM's "aka" is not correct in mathematics.

        Your first point is well-taken, but yes, it was the "AKA" that prompted me to underscore the difference.

        I might not like gratuitous pedantry, but that's only when others do it. ;-)

        -sauoq
        "My two cents aren't worth a dime.";

      The reason I asked is because it's sundialsvc4 posting anonymously and inexpertly again. He absolutely could not demonstrate what you suggest. That's the point of asking him. One does not get to say, this is trivial and then substitute handwaving for technical details. An anonymous-hat-monk called me out once when I said something was semi-trivial so I backed it up because I know what I'm doing and while I'm just as in love with the sound of my keyboard as the ruler of Worst Nodes I'm also interested in helping others. This is not only a site for the competent hackers you imagine. It's also a site for beginners and knowledge seekers. Explicit examples like choroba and LanX produced serve the monastery infinitely better.

      I have said many, many times SunnyD is often half right and that allows others to read into the wrong half and make assumptions or contortions or edge-cases to make it right. But half a cup of poison is still a problem and I am going to continue to slap it out of his hands when he offers it.

        I'm not sure it's him, he doesn't have a monopoly on half-truth and this stupidity has a slightly different flavor.

        Anyway continue to "slap it out"! :)

        Cheers Rolf
        (addicted to the Perl Programming Language and ☆☆☆☆ :)
        Wikisyntax for the Monastery

        I don't know who posted it. But the content stands on its own. And what he said about the pitfalls was true even if his estimate of the danger was overblown.

        Yes, this is a place for beginners as well as competent hackers. And I agree that examples are better. But they aren't always necessary and not providing one isn't really cause for a berating, particularly on fundamental points. And if a beginner doesn't understand and would like an example, he could always ask for one, right? I assume you didn't actually need one and I question your attempt to test the AM.

        Not that any of this is as important as we are making it. You have a stated dislike for anonymous posting; I have a stated dislike for gratuitous pedantry. I think this thread brought up each of our pet peeves.

        -sauoq
        "My two cents aren't worth a dime.";

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1211158]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (3)
As of 2019-10-21 03:40 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Notices?