Jim Jewett <jimjjew...@gmail.com> added the comment: On Wed, Jan 25, 2012 at 1:05 PM, Antoine Pitrou <pit...@free.fr> added the comment:
> It looks like that approach will break any non-builtin type (in either C > or Python) which can compare equal to bytes or str objects. If that's > the case, then I think the likelihood of acceptance is close to zero. (1) Isn't that true of *any* patch that changes hashing? (Thus the PYTHONHASHSEED=0 escape hatch.) (2) I think it would still work for the lookdict_string (or lookdict_unicode) case ... which is the normal case, and also where most vulnerabilities should appear. (3) If the alternate hash is needed for non-string keys, there is no perfect resolution, but I suppose you could get closer with if obj == str(obj): newhash=hash(str(obj)) ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13703> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com