VM: Security: Prevent DoS from hashmap collisions

dart-lang / sdk

The Dart SDK, including the VM, JS and Wasm compilers, analysis, core libraries, and more.

https://dart.dev

BSD 3-Clause "New" or "Revised" License

10.26k stars 1.58k forks source link

VM: Security: Prevent DoS from hashmap collisions #19399

Closed kevmoo closed 1 month ago

kevmoo commented 10 years ago

See https://code.google.com/p/dart/issues/detail?id=1748

This is for tracking the VM implementation of hashing algorithms

kevmoo commented 10 years ago

Marked this as blocking #1748.

kodandersson commented 10 years ago

Set owner to @kodandersson.

kodandersson commented 9 years ago

This very old feature request should have a priority assigned to it. How important is this relative to other DoS vectors, and how much performance are we willing to sacrifice?

kevmoo commented 9 years ago

I'd have to see a stack-rank of DOS vectors. :smile:

How much performance: enough to mitigate the concern. Given ruby, JS, .NET etc have handled this, I'm assuming there are ways to do it without causing big regressions.

DemiMarie commented 8 years ago

SipHash is a fast, cryptographically secure hash function.

Another option is to use trees instead of linked list to back the buckets.