Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why is this hash, created from a constant list, "in different order" each time the program is run?

Tags:

hash

perl

Below is the small script in Perl. Every time I run this code I'm getting different output.

Can anyone help me to understand the basics of storage of hash variables, that is how indexing is done for the key value pairs of Perl's hash variable. 

#!/usr/bin/perl

%data = ('John Paul' => 45, 'Lisa' => 30, 'Kumar' => 40);
@names = keys %data;
print "$names[0]\n";
print "$names[1]\n";
print "$names[2]\n";
like image 460
Ataul Haque Avatar asked Feb 18 '15 19:02

Ataul Haque

2 Answers

The behaviour is documented in perlsec's Algorithmic Complexity Attacks.

A hash is an array of linked lists. A hashing function converts the key into a number which is used as the index of the array element ("bucket") into which to store the value. More than one key can hash to the same index ("collision"), a situation handled by the linked lists.

If a malicious user knew the hashing algorithm, he could devise values that would hash to the same index, causing the hash to degenerate into a linked list. This can lead to huge performance drops in some applications, and thus can be used as part of a denial of service (DoS) attack.

Two measures are taken to avoid that. One is to salt the hashing algorithm to randomize the order in which elements are stored, and the other makes it harder to detect the salt by perturbing the order in which the iterator visits the hash elements.

$ perl -E'
   my @k = "a".."z";
   for (1..3) {
      my %h = map { $_ => 1 } @k;
      say keys %h;
   }
'
iocmbygdkranwxfejuqpzvltsh
bmcoigdywrankujfxezpqlvths
juexfwarnkgdybmcoihstlvzpq
like image 144
ikegami Avatar answered Nov 14 '22 07:11

ikegami

This behavior is described in perldoc -f keys

Hash entries are returned in an apparently random order. The actual random order is specific to a given hash; the exact same series of operations on two hashes may result in a different order for each hash. Any insertion into the hash may change the order, as will any deletion, with the exception that the most recent key returned by each or keys may be deleted without changing the order. So long as a given hash is unmodified you may rely on keys, values and each to repeatedly return the same order as each other.

.. in order to prevent Algorithmic Complexity Attacks

like image 38
mpapec Avatar answered Nov 14 '22 08:11

mpapec
Sign in to Comment

Related questions

Perl regex with exclamation marks
How can I use a query with placeholder inside quotes? (perl / postgresql)
Perl one-liner to increment a value
How to split this array in perl?
Is there an "undefined but true" value analogous to "0 but true"?
How can I tell why my Perl code is spending so much time in kernel space ("sy" in top)?
Perl 5.16 on windows 7 failed to install Template Toolkit
Compile time and run time in Perl
Perl Dancer trailing slash
Perl finding a file based off it's extension through all subdirectories
Check if directory exists in ~/ using Perl
How to check today is Monday in Perl ?
Perl: Can't call method "say" without a package or object reference
Perl CPAN dictionary
Use Perl PDL to rotate a matrix
Break out of innermost loop in nested while loops in perl: Label not found
Perl assign regex match groups to variables
What is this Perl syntax construct?
Why does sprintf round the fractional part of 5.555 and 0.555 differently? [duplicate]
How to calculate a date a week ago from today

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!