diff options
Diffstat (limited to 'Doc')
| -rw-r--r-- | Doc/library/sys.rst | 4 | ||||
| -rw-r--r-- | Doc/reference/datamodel.rst | 2 | ||||
| -rw-r--r-- | Doc/using/cmdline.rst | 47 |
3 files changed, 52 insertions, 1 deletions
diff --git a/Doc/library/sys.rst b/Doc/library/sys.rst index c2b7423..3af4354 100644 --- a/Doc/library/sys.rst +++ b/Doc/library/sys.rst @@ -252,11 +252,15 @@ always available. :const:`verbose` :option:`-v` :const:`bytes_warning` :option:`-b` :const:`quiet` :option:`-q` + :const:`hash_randomization` :option:`-R` ============================= ============================= .. versionchanged:: 3.2 Added ``quiet`` attribute for the new :option:`-q` flag. + .. versionadded:: 3.2.3 + The ``hash_randomization`` attribute. + .. versionchanged:: 3.3 Removed obsolete ``division_warning`` attribute. diff --git a/Doc/reference/datamodel.rst b/Doc/reference/datamodel.rst index 55fd76b..85953ad 100644 --- a/Doc/reference/datamodel.rst +++ b/Doc/reference/datamodel.rst @@ -1277,6 +1277,8 @@ Basic customization inheritance of :meth:`__hash__` will be blocked, just as if :attr:`__hash__` had been explicitly set to :const:`None`. + See also the :option:`-R` command-line option. + .. method:: object.__bool__(self) diff --git a/Doc/using/cmdline.rst b/Doc/using/cmdline.rst index 8a02b76..b97dbcd 100644 --- a/Doc/using/cmdline.rst +++ b/Doc/using/cmdline.rst @@ -24,7 +24,7 @@ Command line When invoking Python, you may specify any of these options:: - python [-bBdEhiOsSuvVWx?] [-c command | -m module-name | script | - ] [args] + python [-bBdEhiORqsSuvVWx?] [-c command | -m module-name | script | - ] [args] The most common use case is, of course, a simple invocation of a script:: @@ -227,6 +227,29 @@ Miscellaneous options .. versionadded:: 3.2 +.. cmdoption:: -R + + Turn on hash randomization, so that the :meth:`__hash__` values of str, bytes + and datetime objects are "salted" with an unpredictable random value. + Although they remain constant within an individual Python process, they are + not predictable between repeated invocations of Python. + + This is intended to provide protection against a denial-of-service caused by + carefully-chosen inputs that exploit the worst case performance of a dict + insertion, O(n^2) complexity. See + http://www.ocert.org/advisories/ocert-2011-003.html for details. + + Changing hash values affects the order in which keys are retrieved from a + dict. Although Python has never made guarantees about this ordering (and it + typically varies between 32-bit and 64-bit builds), enough real-world code + implicitly relies on this non-guaranteed behavior that the randomization is + disabled by default. + + See also :envvar:`PYTHONHASHSEED`. + + .. versionadded:: 3.2.3 + + .. cmdoption:: -s Don't add the :data:`user site-packages directory <site.USER_SITE>` to @@ -352,6 +375,7 @@ Options you shouldn't use .. _Jython: http://jython.org + .. _using-on-envvars: Environment variables @@ -460,6 +484,27 @@ These environment variables influence Python's behavior. option. +.. envvar:: PYTHONHASHSEED + + If this variable is set to ``random``, the effect is the same as specifying + the :option:`-R` option: a random value is used to seed the hashes of str, + bytes and datetime objects. + + If :envvar:`PYTHONHASHSEED` is set to an integer value, it is used as a fixed + seed for generating the hash() of the types covered by the hash + randomization. + + Its purpose is to allow repeatable hashing, such as for selftests for the + interpreter itself, or to allow a cluster of python processes to share hash + values. + + The integer must be a decimal number in the range [0,4294967295]. Specifying + the value 0 will lead to the same hash values as when hash randomization is + disabled. + + .. versionadded:: 3.2.3 + + .. envvar:: PYTHONIOENCODING If this is set before running the interpreter, it overrides the encoding used |