On 1/20/2012 10:55 AM, Frank Sievertsen wrote:
> Hello,
> I still see at least two ways to create a DOS attack even with the
> collision-counting patch.
> 2. The second attack actually attacks that 1000 allowed string
> comparisons are still a lot of work.
> First I added 999 strings that collide with a one-byte string "a". In
> some applications a zero-byte string might work even better. Then I
> can add many thousands of the "a"'s, just like the first attack.
If 1000 were replaced by, for instance, random.randint(700,1000) the
dict could not be set to have an exception triggered with one other
entry (which I believe was Martin's idea). But I suppose you would say
that 699 entries would still make for much work.
The obvious defense for this particular attack is to reject duplicate
keys. Perhaps there should be write-once string sets and dicts available.
This gets to the point that there is no best blind defense to all
possible attacks.
--
Terry Jan Reedy
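A toy model of the two mechanisms discussed in this exchange, the per-probe collision limit of the counting patch and a write-once table that rejects duplicate keys, added here as an illustration and not code from the thread or from CPython. CountingDict, its key-length toy hash and the 999/1000-entry chain are assumptions for the demonstration; the numbers it returns show how much comparison work repeated inserts of one key cost with and without the duplicate-key rejection.

```python
# Added example, not the thread's code: a toy chained hash table modelling the
# collision-counting patch and a write-once variant. Bucket = key length is a
# constructed, deliberately weak hash for the demo, nothing like CPython's.
class CollisionLimitError(Exception): pass   # a probe exceeded the limit
class DuplicateKeyError(KeyError): pass      # write-once table refused a key
class CountingDict:
    def __init__(self, limit=1000, write_once=False):
        self.limit = limit            # comparisons allowed per probe (patch)
        self.write_once = write_once  # reject duplicate keys (Terry's idea)
        self.buckets = [[] for _ in range(8)]
        self.comparisons = 0          # total key comparisons performed

    def __setitem__(self, key, value):
        chain = self.buckets[len(key) % len(self.buckets)]   # toy hash
        for i, (k, _) in enumerate(chain):
            if i >= self.limit:
                raise CollisionLimitError(key)
            self.comparisons += 1
            if k == key:
                if self.write_once:
                    raise DuplicateKeyError(key)
                chain[i] = (key, value)
                return
        chain.append((key, value))

def filled(n_colliders, limit=1000, write_once=False):
    """Table with n 9-character keys (same toy bucket as "a"), then "a" last."""
    d = CountingDict(limit, write_once)
    for k in ["%09d" % i for i in range(n_colliders)] + ["a"]:
        d[k] = 0
    return d

def trips_limit(n_colliders):
    """True if building the table with n colliding keys exceeds the limit."""
    try:
        filled(n_colliders)
        return False
    except CollisionLimitError:
        return True

def repeated_insert_cost(write_once, repeats=10):
    """Re-insert "a" `repeats` times: (total comparisons, inserts that went through)."""
    d, done = filled(999, write_once=write_once), 0
    try:
        for _ in range(repeats):
            d["a"] = 0
            done += 1
    except DuplicateKeyError:
        pass
    return d.comparisons, done
```

With 999 colliders in front of "a" every further insert of "a" costs 1000 comparisons and stays under the limit, whereas the write-once table pays that price once and then refuses the duplicate.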
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev