K
Krishna Chaitanya
Hi, I was learning and reading about hash iterators. I am using Perl
5.8.8, and found that between 10 runs of Perl, the hash keys show up
in the same order.
======================
[kc@imits094 Perl]# for i in 1 2 3 4 5 6 7 8 9 10; do ./test.pl ; done
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
[kc@imits094 Perl]# cat test.pl
#!/usr/bin/perl
my %a;
@a{1..10} = ();
print "Keys of a are ", join(' ',keys %a), "\n";
==================
The description of "keys" function says: "Since Perl 5.8.1 the
ordering is different even between different runs of Perl for security
reasons (see Algorithmic Complexity Attacks in perlsec)."
And the perlsec page says: "In Perl 5.8.1 the random perturbation was
done by default, but as of 5.8.2 it is only used on individual hashes
if the internals detect the insertion of pathological data. If one
wants for some reason emulate the old behaviour (and expose oneself to
DoS attacks) one can set the environment variable PERL_HASH_SEED to
zero to disable the protection (or any other integer to force a known
perturbation, rather than random). One possible reason for wanting to
emulate the old behaviour is that in the new behaviour consecutive
runs of Perl will order hash keys differently, which may confuse some
applications (like Data:umper: the outputs of two different runs are
no longer identical)."
I'm confused...the ordering "is" different? or "may be" different
based on "insertion of pathological data"? But again, "the new
behaviour" above talks about different ordering of hash keys. In my
example, I don't think 1..10 is pathological data for keys...
Add to all this: "Also, the ordering of hash keys has always been, and
continues to be, affected by the insertion order."
I am totally out of my element here...can anyone shed some light on
this, please?
-KC
5.8.8, and found that between 10 runs of Perl, the hash keys show up
in the same order.
======================
[kc@imits094 Perl]# for i in 1 2 3 4 5 6 7 8 9 10; do ./test.pl ; done
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
Keys of a are 6 3 7 9 2 8 1 4 10 5
[kc@imits094 Perl]# cat test.pl
#!/usr/bin/perl
my %a;
@a{1..10} = ();
print "Keys of a are ", join(' ',keys %a), "\n";
==================
The description of "keys" function says: "Since Perl 5.8.1 the
ordering is different even between different runs of Perl for security
reasons (see Algorithmic Complexity Attacks in perlsec)."
And the perlsec page says: "In Perl 5.8.1 the random perturbation was
done by default, but as of 5.8.2 it is only used on individual hashes
if the internals detect the insertion of pathological data. If one
wants for some reason emulate the old behaviour (and expose oneself to
DoS attacks) one can set the environment variable PERL_HASH_SEED to
zero to disable the protection (or any other integer to force a known
perturbation, rather than random). One possible reason for wanting to
emulate the old behaviour is that in the new behaviour consecutive
runs of Perl will order hash keys differently, which may confuse some
applications (like Data:umper: the outputs of two different runs are
no longer identical)."
I'm confused...the ordering "is" different? or "may be" different
based on "insertion of pathological data"? But again, "the new
behaviour" above talks about different ordering of hash keys. In my
example, I don't think 1..10 is pathological data for keys...
Add to all this: "Also, the ordering of hash keys has always been, and
continues to be, affected by the insertion order."
I am totally out of my element here...can anyone shed some light on
this, please?
-KC