#define HV_MAX_LENGTH_BEFORE_SPLIT 14
makes it a much higher trashold for most normal keys to trigger rehashing, but I'm happy that the new test is happily failing to find a previously cached stash, despite the high treshold.
I have two remaining issues on the test side (before trying to fix things):
1) replace the hardcoded attack input (from the original attack report by Scott) to something that's autogenerated. I want a sub that I can ask for N number of hash keys that will collapse into the same list.
2) I need some way to verify that the attack has been successfully performed, so if in the future the hashing algorithm or the threshold change this test won't be misleadingly successful even though the problem may exist. Since Nick added a special flag to HVs that were re-hashed, can we get a B:: function that can check for this flag?
At the moment I do a visual check, by looking for the debug print I've planted into hv.c, so error_log looks like:
==> starting
We are under attack. But Do Not Panic
==> ending
[Thu Oct 30 16:37:08 2003] [error] lookup of 'TestPerl::hash_attack::handler' failed
Here is the test:
package TestPerl::hash_attack;
use strict; use warnings FATAL => 'all';
use Apache::Test; use Apache::TestUtil; use Apache::TestTrace;
use Apache::Const -compile => 'OK';
my $input = <<EOI; benniefubenniefubenniefu benniefubenniefubeoppifu benniefubenniefubheuoalp benniefubenniefubheyppdl benniefubenniefubxifmbwv benniefubenniefucdsuauht benniefubenniefucrphalzb benniefubenniefufdesinvt benniefubenniefufhbalgiw benniefubenniefufkqidvqy benniefubenniefufwlfnorp benniefubenniefugbuocxbt benniefubenniefugkcdnowo benniefubenniefugzpjjakt benniefubenniefuiwzmsjwx benniefubenniefujeozrmvb benniefubenniefujevvfjsf benniefubenniefujlomraai benniefubenniefujlyzcvrw benniefubenniefujptanaai benniefubenniefujwnieayi benniefubenniefulpvzqpqq benniefubenniefunwtftrcn benniefubenniefunwtjqhgn benniefubenniefupmuzbpmh benniefubenniefupwbstdms benniefubenniefuqdazlxxp benniefubenniefuqnprevxm benniefubenniefutbwofcgp benniefubenniefutgxvpmnc benniefubenniefutjqfofzs benniefubenniefutsljwgxt benniefubenniefutwekfzcc benniefubenniefutxrmfxhd benniefubenniefutzdfehma benniefubenniefuubulupaw benniefubenniefuupychihz benniefubenniefuvanvqkid benniefubenniefuvcakywsm benniefubenniefuveliggml EOI
# create conditions which will trigger a rehash on the current stash
# (__PACKAGE)
sub fixup {
my $r = shift;
no strict 'refs';
debug "starting attack";
for (split /\n/, $input) {
my $symbol = __PACKAGE__ . "::$_";
#autovivify
$$symbol++;
}
debug "ending attack";return Apache::DECLINED; }
# if the rehashing of the keys in the stash happens due to the hash attack,
# mod_perl must not fail to find the previously cached stash (response
# handler in this case)
sub handler {
my $r = shift;
plan $r, tests => 1;
ok 1;
return Apache::OK;
}1; __END__ PerlModule TestPerl::hash_attack PerlFixupHandler TestPerl::hash_attack::fixup
__________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
