Re: [ANN] Lua 5.2.1 (work1) now available

[Xavier Wang <weasley.wx@...>]

2012/3/23 John Graham-Cumming <jgc@jgc.org>:
> On Thu, Mar 22, 2012 at 16:44, Roberto Ierusalimschy
> <roberto@inf.puc-rio.br> wrote:
>>
>> > So, can makes long string just using a few of bytes to calculate hash
>> > value? using a random seed to choose how to skip bytes? this will be
>> > better.
>>
>> Yes, that may be a good idea. But note that the proposal has two
>> different things (that maybe we should have tried separately).
>
>
> Doing that might not be a good idea from a security perspective.  If the
> random seed were just used to chose the 'hop' between characters in the hash
> then it wouldn't take much to run through all possible 'hops' and DoS the
> hash.  The only way to do that would be to hop randomly from character to
> character based on the seed.
>
> John.
>

No, the long string won't be internalized if you don't use they as
table key. so it's doesn't matter to makes hash table and string table
snow. and, amount of all possible hops will be very large. if the
character used to hash is greater than LUA_MINSHORTLEN, the attacker
will has no chance get his string calculated hash.

for developers, just not using untrusted string for table key. that's
not unacceptable. and if they need do so, the work1 patch may makes
program very slow (think about a 1M string, character by character
calculate hash value), that also is a DoS attack.