randomise hash function use
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mksh |
In Progress
|
Low
|
Unassigned |
Bug Description
THIS IS *NOT* A SECURITY VULNERABILITY IN THE SCOPE OF mksh!
Related discussion: https:/
Use of the hash function for hashtables shall be randomised.
Target series: R41
Affected areas:
- hash tables (no; support for the associative arrays feature is as of now nonexistant)
- arrays (no; they are currently implemented as linked lists, which is another bug)
- parameters (yes, but nobody is so stupid to read user-specified data into them with evil, erm eval)
- other ktscan uses (no; not exposed to user data or scripts)
Fix direction:
• store seed with each hashtable
• ${foo@#arithexpr} will use arithexpr (default 0) as seed; consistent with current implementation
• dot.mkshrc: split off Lnz{a,aa}
Fix implementation: split LCG, $RANDOM handling and genertic hashtable code into a new file, use that from the rest; probably goes well together with the planned-for-R41 change of indexed arrays to also use hashtables
Changed in mksh: | |
importance: | Undecided → Low |
status: | New → In Progress |