Merge from 3.1: Issue #13703: add a way to randomize the hash values of basic types (str, bytes, datetime)

in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated.

The environment variable PYTHONHASHSEED and the new command line flag -R control this
behavior.

1 files changed, 4 insertions, 2 deletions

diff --git a/Python/sysmodule.c b/Python/sysmodule.c
index 8a659c5e46..c4f27d0868 100644
--- a/Python/sysmodule.c
+++ b/Python/sysmodule.c
@@ -1368,6 +1368,7 @@ static PyStructSequence_Field flags_fields[] = {
     /* {"skip_first",                   "-x"}, */
     {"bytes_warning",           "-b"},
     {"quiet",                   "-q"},
+    {"hash_randomization",      "-R"},
     {0}
 };
 
@@ -1376,9 +1377,9 @@ static PyStructSequence_Desc flags_desc = {
     flags__doc__,       /* doc */
     flags_fields,       /* fields */
 #ifdef RISCOS
-    13
+    14
 #else
-    12
+    13
 #endif
 };
 
@@ -1412,6 +1413,7 @@ make_flags(void)
     /* SetFlag(skipfirstline); */
     SetFlag(Py_BytesWarningFlag);
     SetFlag(Py_QuietFlag);
+    SetFlag(Py_HashRandomizationFlag);
 #undef SetFlag
 
     if (PyErr_Occurred()) {