From: Alain Frisch <alain@frisch.fr>
To: David Allsopp <dra-news@metastack.com>
Cc: Romain Bardou <bardou@lsv.ens-cachan.fr>,
"caml-list@inria.fr" <caml-list@inria.fr>
Subject: Re: [Caml-list] Re: [oss-security] CVE request: Hash DoS vulnerability (ocert-2011-003)
Date: Tue, 13 Mar 2012 19:58:34 +0100 [thread overview]
Message-ID: <4F5F98DA.8080806@frisch.fr> (raw)
In-Reply-To: <E51C5B015DBD1348A1D85763337FB6D9C28B120A@Remus.metastack.local>
On 03/13/2012 07:27 PM, David Allsopp wrote:
> +1. Surely in projects where repeatability is important, the change in behaviour to randomly seeded tables would be quickly noticed
The problem is that the randomization might go unnoticed if the
high-level outputs of the program does not depend on the ordering when
enumerating the hash table (because the "interesting" algorithms built
above the hash table is supposed to be invariant w.r.t. the ordering of
their input). So the programmer doesn't turn randomization off, but one
day, the end-user discovers a bug (caused by a very subtle bug in the
algorithm, which in fact, depends on the ordering), and one cannot
reproduce it.
Ocsigen and other web libraries can decide to turn randomization on by
default to protect their users, but for a general purpose programming
system like OCaml's stdlib, increasing reproducibility seems more
important than protecting programmers from high-level defects
(possibility of DoS) caused by a poor choice or use of low-level data
structure.
Alain
next prev parent reply other threads:[~2012-03-13 18:58 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <4F3078F1.8070105@redhat.com>
2012-02-07 1:10 ` Kurt Seifried
2012-02-07 8:34 ` Richard W.M. Jones
2012-03-10 7:31 ` Richard W.M. Jones
2012-03-10 12:31 ` Gerd Stolpmann
2012-03-12 18:03 ` Xavier Leroy
2012-03-13 9:54 ` Romain Bardou
2012-03-13 11:58 ` Paolo Donadeo
2012-03-13 12:31 ` Philippe Veber
2012-03-13 13:23 ` Gerd Stolpmann
2012-03-13 15:39 ` Romain Bardou
2012-03-13 18:27 ` David Allsopp
2012-03-13 18:58 ` Alain Frisch [this message]
2012-03-13 18:08 ` Dario Teixeira
2012-03-13 18:28 ` David Allsopp
2012-03-14 9:23 ` Xavier Leroy
2012-03-13 16:52 ` Richard W.M. Jones
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F5F98DA.8080806@frisch.fr \
--to=alain@frisch.fr \
--cc=bardou@lsv.ens-cachan.fr \
--cc=caml-list@inria.fr \
--cc=dra-news@metastack.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).