http://d.puremagic.com/issues/show_bug.cgi?id=7179

           Summary: Hash algorithm vulnerable to algorithmic complexity
                    attacks
           Product: D
           Version: D1 & D2
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: druntime
        AssignedTo: nob...@puremagic.com
        ReportedBy: bugzi...@digitalmars.com


--- Comment #0 from Walter Bright <bugzi...@digitalmars.com> 2011-12-28 
22:24:41 PST ---
http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf

The hash functions used in the associative array implementation have a worst
case performance of O(n*n). This can be exploited to produce denial-of-service
attacks on a web service using these hash functions. The paper suggests ways to
mitigate it.

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------

Reply via email to