[PATCH] hash.c (any_hash): make static symbol hash non-deterministic

[PATCH] hash.c (any_hash): make static symbol hash non-deterministic

[Eric Wong]

Hashes for static symbols need to be seeded with the random hash
seed to avoid deterministic results.  Deterministic hash results
leaves the door open for DoS attacks such as CVE-2011-4815.

* hash.c (any_hash): make static symbol hash non-deterministic
* test/ruby/test_symbol.rb (test_hash_nondeterministic): new test
  [ruby-core:80430] [Bug #13376]
---
 hash.c                   |  1 +
 test/ruby/test_symbol.rb | 10 ++++++++++
 2 files changed, 11 insertions(+)

diff --git a/hash.c b/hash.c
index 58a3d04023..d9826c4053 100644
--- a/hash.c
+++ b/hash.c
@@ -139,6 +139,7 @@ any_hash(VALUE a, st_index_t (*other_func)(VALUE))
 	if (a == Qundef) return 0;
 	if (STATIC_SYM_P(a)) {
 	    hnum = a >> (RUBY_SPECIAL_SHIFT + ID_SCOPE_SHIFT);
+	    hnum = rb_hash_start(hnum);
 	    goto out;
 	}
 	else if (FLONUM_P(a)) {
diff --git a/test/ruby/test_symbol.rb b/test/ruby/test_symbol.rb
index ce3b0d652f..34cd886141 100644
--- a/test/ruby/test_symbol.rb
+++ b/test/ruby/test_symbol.rb
@@ -411,4 +411,14 @@ def test_not_freeze
     assert_equal str, str.to_sym.to_s
     assert_not_predicate(str, :frozen?, bug11721)
   end
+
+  def test_hash_nondeterministic
+    ruby = EnvUtil.rubybin
+    refute_equal `#{ruby} -e 'puts :foo.hash'`, `#{ruby} -e 'puts :foo.hash'`,
+                 '[ruby-core:80430] [Bug #13376]'
+
+    sym = "dynsym_#{Random.rand(10000)}_#{Time.now}"
+    refute_equal `#{ruby} -e 'puts #{sym.inspect}.to_sym.hash'`,
+                 `#{ruby} -e 'puts #{sym.inspect}.to_sym.hash'`
+  end
 end
-- 
EW