[armedbear-cvs] r13720 - trunk/abcl/src/org/armedbear/lisp

ehuelsmann at common-lisp.net ehuelsmann at common-lisp.net
Thu Jan 5 21:56:45 UTC 2012 

Author: ehuelsmann
Date: Thu Jan  5 13:56:44 2012
New Revision: 13720

Log:
String hash randomization.

Modified:
   trunk/abcl/src/org/armedbear/lisp/ComplexString.java
   trunk/abcl/src/org/armedbear/lisp/Lisp.java
   trunk/abcl/src/org/armedbear/lisp/SimpleString.java

Modified: trunk/abcl/src/org/armedbear/lisp/ComplexString.java
==============================================================================
--- trunk/abcl/src/org/armedbear/lisp/ComplexString.java	Wed Jan  4 21:42:04 2012	(r13719)
+++ trunk/abcl/src/org/armedbear/lisp/ComplexString.java	Thu Jan  5 13:56:44 2012	(r13720)
@@ -517,7 +517,7 @@
   @Override
   public int sxhash()
   {
-    int hashCode = 0;
+    int hashCode = randomStringHashBase;
     final int limit = length();
     for (int i = 0; i < limit; i++)
       {
@@ -535,7 +535,7 @@
   @Override
   public int psxhash()
   {
-    int hashCode = 0;
+    int hashCode = randomStringHashBase;
     final int limit = length();
     for (int i = 0; i < limit; i++)
       {

Modified: trunk/abcl/src/org/armedbear/lisp/Lisp.java
==============================================================================
--- trunk/abcl/src/org/armedbear/lisp/Lisp.java	Wed Jan  4 21:42:04 2012	(r13719)
+++ trunk/abcl/src/org/armedbear/lisp/Lisp.java	Thu Jan  5 13:56:44 2012	(r13720)
@@ -141,6 +141,13 @@
   // End-of-file marker.
   public static final LispObject EOF = new LispObject();
 
+  // String hash randomization base
+  // Sets a base offset hashing value per JVM session, as an antidote to
+  // http://www.nruns.com/_downloads/advisory28122011.pdf
+  //    (Denial of Service through hash table multi-collisions)
+  public static final int randomStringHashBase =
+          (int)(new java.util.Date().getTime());
+  
   public static boolean profiling;
 
   public static boolean sampling;

Modified: trunk/abcl/src/org/armedbear/lisp/SimpleString.java
==============================================================================
--- trunk/abcl/src/org/armedbear/lisp/SimpleString.java	Wed Jan  4 21:42:04 2012	(r13719)
+++ trunk/abcl/src/org/armedbear/lisp/SimpleString.java	Thu Jan  5 13:56:44 2012	(r13720)
@@ -416,7 +416,7 @@
     @Override
     public int sxhash()
     {
-        int hashCode = 0;
+        int hashCode = randomStringHashBase;
         for (int i = 0; i < capacity; i++) {
             hashCode += chars[i];
             hashCode += (hashCode << 10);
@@ -426,13 +426,13 @@
         hashCode ^= (hashCode >> 11);
         hashCode += (hashCode << 15);
         return (hashCode & 0x7fffffff);
-    }
+        }
 
     // For EQUALP hash tables.
     @Override
     public int psxhash()
     {
-        int hashCode = 0;
+        int hashCode = randomStringHashBase;
         for (int i = 0; i < capacity; i++) {
             hashCode += Character.toUpperCase(chars[i]);
             hashCode += (hashCode << 10);

More information about the armedbear-cvs mailing list