Bug #13376
Symbol#hash is deterministic on 2.3
Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
ruby -v:
ruby 2.3.3p222 (2016-11-21 revision 56859) [x86_64-darwin16]
Description
I believe the Symbol#hash should probably be non-deterministic, due to CVE-2011-4815. That seems to be the behaviour on 2.2 and 2.4, but not on 2.3. Was this a conscious decision at the time? Or is it a bug?
$ 2.2.6/bin/ruby -e 'puts :foo.hash' -505215953858886063 $ 2.2.6/bin/ruby -e 'puts :foo.hash' 3929535091178311289 $ 2.3.3/bin/ruby -e 'puts :foo.hash' 2810 $ 2.3.3/bin/ruby -e 'puts :foo.hash' 2810 $ 2.4.0/bin/ruby -e 'puts :foo.hash' -1200094397129038718 $ 2.4.0/bin/ruby -e 'puts :foo.hash' -916960310565036298
Files