Prevent Hash DoS in python

open source projects

Denial of Service through hash table multi-collisions or Hash DoS has been first reported in 28-Dec-2011 [1].

Python and Ruby are partially vulnerable, depending on version or whether the server running the code is a 32 bit or 64 bit machine. Python 2 by default does not provide random value for PYTHONHASHSEED [2] though it’s behaviour is changed in python 3 [3] which means it has random as it default value.



Saurabh Kumar