From 04739ba61744046ac145b384aa9053429c80142f Mon Sep 17 00:00:00 2001
From: akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Fri, 20 Jun 2008 02:46:17 +0000
Subject: * string.c (rb_memhash): randomize hash to avoid algorithmic  
 complexity attacks.   (rb_str_hash): use rb_memhash.

* include/ruby/intern.h (rb_reset_random_seed): declared.

* thread.c (rb_thread_atfork): call rb_reset_random_seed.

* inits.c (rb_call_inits): call Init_RandomSeed at first.

* random.c (seed_initialized): defined.
  (fill_random_seed): extracted from random_seed.
  (make_seed_value): extracted from random_seed.
  (rb_f_rand): initialize random seed at first.
  (initial_seed): defined.
  (Init_RandomSeed): defined.
  (Init_RandomSeed2): defined.
  (rb_reset_random_seed): defined.
  (Init_Random): call Init_RandomSeed2.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@17465 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 test/ruby/test_string.rb | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'test/ruby/test_string.rb')

diff --git a/test/ruby/test_string.rb b/test/ruby/test_string.rb
index 55cef9001e..869e31b641 100644
--- a/test/ruby/test_string.rb
+++ b/test/ruby/test_string.rb
@@ -683,6 +683,17 @@ class TestString < Test::Unit::TestCase
     assert(S("hello").hash != S("helLO").hash)
   end
 
+  def test_hash_random
+    str = 'abc'
+    a = [str.hash.to_s]
+    3.times {
+      EnvUtil.rubyexec("-e", "print #{str.dump}.hash") {|i,o,e|
+        a << o.read
+      }
+    }
+    assert_not_equal([str.hash.to_s], a.uniq)
+  end
+
   def test_hex
     assert_equal(255,  S("0xff").hex)
     assert_equal(-255, S("-0xff").hex)
-- 
cgit v1.2.3