diff options
| -rw-r--r-- | perl.c | 6 | ||||
| -rw-r--r-- | pod/perlrun.pod | 18 |
2 files changed, 10 insertions, 14 deletions
@@ -901,11 +901,7 @@ setuid perl scripts securely.\n"); /* [perl #22371] Algorimic Complexity Attack on Perl 5.6.1, 5.8.0 * This MUST be done before any hash stores or fetches take place. */ { - bool earlytaint = doing_taint(argc, argv, env); - char *s = NULL; - - if (!earlytaint) - s = PerlEnv_getenv("PERL_HASH_SEED"); + char *s = PerlEnv_getenv("PERL_HASH_SEED"); if (s) while (isSPACE(*s)) s++; if (s && isDIGIT(*s)) diff --git a/pod/perlrun.pod b/pod/perlrun.pod index 49573a60a3..26d0bc424a 100644 --- a/pod/perlrun.pod +++ b/pod/perlrun.pod @@ -1108,12 +1108,11 @@ PERL_ENCODING environment variable is consulted for an encoding name. =item PERL_HASH_SEED -(Since Perl 5.8.1.) - -Used to randomise Perl's internal hash function. To emulate the -pre-5.8.1 behaviour, set to an integer (zero means exactly the same -order as 5.8.0). "Pre-5.8.1" means, among other things, that hash -keys will be ordered the same between different runs of Perl. +(Since Perl 5.8.1.) Used to randomise Perl's internal hash function. +To emulate the pre-5.8.1 behaviour, set to an integer (zero means +exactly the same order as 5.8.0). "Pre-5.8.1" means, among other +things, that hash keys will be ordered the same between different runs +of Perl. The default behaviour is to randomise unless the PERL_HASH_SEED is set. If Perl has been compiled with C<-DUSE_HASH_SEED_EXPLICIT>, the default @@ -1121,14 +1120,15 @@ behaviour is B<not> to randomise unless the PERL_HASH_SEED is set. If PERL_HASH_SEED is unset or set to a non-numeric string, Perl uses the pseudorandom seed supplied by the operating system and libraries. -If unset, each different run of Perl will have different ordering of -the outputs of keys(), values(), and each(). +This means that each different run of Perl will have a different +ordering of the results of keys(), values(), and each(). See L<perlsec/"Algorithmic Complexity Attacks"> for more information. =item PERL_HASH_SEED_DEBUG -Set to (anything) to display the value of the hash seed. +(Since Perl 5.8.1.) Set to (anything) to display (to STDERR) +the value of the hash seed at the beginning of execution. =item PERL_ROOT (specific to the VMS port) |