Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 05 May 2015 09:44:00 +0200
From: Florian Weimer <fweimer@...hat.com>
To: mancha <mancha1@...o.com>, oss-security@...ts.openwall.com
Subject: Re: PHP and some == wonkiness

On 05/05/2015 09:26 AM, mancha wrote:

> Taking sha1 as our reference hash and "==" as our equivalence relation:
> 
> All [a-f][0-9a-f]{39} are in equivalence class A.
> 
> All 42[a-f][0-9a-f]{37} are in equivalence class B.
> 
> Note: those regexes aren't representative of the full equivalence
> classes because prepending 0s doesn't alter the value (i.e.
> 0[a-f][0-9a-f]{38} is in equivalence class "A" as well..

I cannot reproduce this.  Or you use “equivalence class” in a
non-standard way.

-- 
Florian Weimer / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ