Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:58934
Return-Path: <simonsimcity@googlemail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 95843 invoked from network); 14 Mar 2012 20:27:00 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 14 Mar 2012 20:27:00 -0000
Authentication-Results: pb1.pair.com header.from=simonsimcity@googlemail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=simonsimcity@googlemail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain googlemail.com designates 209.85.213.170 as permitted sender)
X-PHP-List-Original-Sender: simonsimcity@googlemail.com
X-Host-Fingerprint: 209.85.213.170 mail-yx0-f170.google.com  
Received: from [209.85.213.170] ([209.85.213.170:41915] helo=mail-yx0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 1F/57-51575-31FF06F4 for <internals@lists.php.net>; Wed, 14 Mar 2012 15:27:00 -0500
Received: by yenl5 with SMTP id l5so2634511yen.29
        for <internals@lists.php.net>; Wed, 14 Mar 2012 13:26:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlemail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=re983lbRiQbyPhlHCS1uocJAXcq7tgEkUNdn0zAzdrQ=;
        b=ONo7o+sVEonBTf8xUdmJFwM64mVvmDSZ9GGnR4tVLRIQ1BQ6Xsz8leIgrhK3+EoisI
         r04/LIHAQCgz6xzB/YzZH8FBAvlRcgObjZV/j04F0/csYu/PMVkvGsUp8ijzVqdQOn/e
         NX4Z2uW6F2qG1vZ/PROf5NR9TDx0i2RrEXGbFv/aW7YyymCM8c2KrVACCbL+NTiBCJ/e
         JEhij/iV4oWPBmmBjC+V7lV+X7qIEUWWefdv/X7Dc7vP0R15QsQihqQ9iwaEkl+sS59x
         6cwWIQx/s+UBqvsBMUMpujJRFcWo2rLls5+zccdz48w16Safat9eq8CWFKMevyvEg0GR
         6Jqg==
MIME-Version: 1.0
Received: by 10.60.8.103 with SMTP id q7mr5074649oea.61.1331756816839; Wed, 14
 Mar 2012 13:26:56 -0700 (PDT)
Received: by 10.60.18.162 with HTTP; Wed, 14 Mar 2012 13:26:56 -0700 (PDT)
Date: Wed, 14 Mar 2012 21:26:56 +0100
Message-ID: <CAJWj5+HwwLCzc2QXkYgTba+6CT5Liae3ZG2TrCThqx+C6mkS8A@mail.gmail.com>
To: PHP Internals List <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=e89a8ff1c7defeb47904bb39cbe4
Subject: Randomize hash-function in php
From: simonsimcity@googlemail.com (Simon Schick)

--e89a8ff1c7defeb47904bb39cbe4
Content-Type: text/plain; charset=UTF-8

Hi, All

I just came around that talk a couple of days ago ..
http://www.youtube.com/watch?v=R2Cq3CLI6H8

I don't know much about hash-maps and internal php-stuff at all, but they
say that the fix provided in 5.3.9 (and 5.4.0) is more a work-around than a
fix ...
Would it be an option to provide a real fix in PHP 6.0? They got the
feedback that this will take some time and is not trivial, but we have a
good time before PHP6 and can also break backwards compatibility for
php-plugins if really necessary.

As they said in the movie, PHP seems to have the algorithm DJBX33A
implemented as Ruby. So as they're so proud of the fix provided by the
Ruby-Team, may we can use that for PHP as well :)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4815

This is not much because some attacker can do something, but what if you
have a real-world-application that (for some reason) build up an array that
just will blow up because of that? I haven't experienced that until now,
but it's possible ...

Bye
Simon

--e89a8ff1c7defeb47904bb39cbe4--