caleb-brown/redict
1
0
Fork 0
mirror of https://codeberg.org/redict/redict.git synced 2025-01-23 16:48:27 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity
adeed29a99
redict/src
History
antirez adeed29a99 Use SipHash hash function to mitigate HashDos attempts. 
This change attempts to switch to an hash function which mitigates
the effects of the HashDoS attack (denial of service attack trying
to force data structures to worst case behavior) while at the same time
providing Redis with an hash function that does not expect the input
data to be word aligned, a condition no longer true now that sds.c
strings have a varialbe length header.

Note that it is possible sometimes that even using an hash function
for which collisions cannot be generated without knowing the seed,
special implementation details or the exposure of the seed in an
indirect way (for example the ability to add elements to a Set and
check the return in which Redis returns them with SMEMBERS) may
make the attacker's life simpler in the process of trying to guess
the correct seed, however the next step would be to switch to a
log(N) data structure when too many items in a single bucket are
detected: this seems like an overkill in the case of Redis.

SPEED REGRESION TESTS:

In order to verify that switching from MurmurHash to SipHash had
no impact on speed, a set of benchmarks involving fast insertion
of 5 million of keys were performed.

The result shows Redis with SipHash in high pipelining conditions
to be about 4% slower compared to using the previous hash function.
However this could partially be related to the fact that the current
implementation does not attempt to hash whole words at a time but
reads single bytes, in order to have an output which is endian-netural
and at the same time working on systems where unaligned memory accesses
are a problem.

Further X86 specific optimizations should be tested, the function
may easily get at the same level of MurMurHash2 if a few optimizations
are performed.
2017-02-20 17:29:17 +01:00
..
modules Use const in modules types mem_usage method. 2017-01-12 12:47:46 +01:00
.gitignore Ignore gcov/lcov artifacts 2012-04-13 17:52:33 -07:00
adlist.c various cleanups and minor fixes 2016-04-25 16:49:57 +03:00
adlist.h BSD license added to every C source and header file. 2012-11-08 18:31:32 +01:00
ae_epoll.c various cleanups and minor fixes 2016-04-25 16:49:57 +03:00
ae_evport.c ae.c event loop: API to resize the fd set size on the run. 2013-06-28 16:39:49 +02:00
ae_kqueue.c No more trailing spaces in Redis source code. 2014-06-26 18:48:40 +02:00
ae_select.c Include 'fd_set' type name 2016-06-07 16:46:00 -04:00
ae.c ae.c: Fix delay until next timer event. 2016-04-04 14:13:46 +02:00
ae.h Fix ae.c to avoid timers infinite loop. 2016-04-04 08:50:58 +02:00
anet.c fix tcp binding when IPv6 is unsupported 2016-09-09 14:59:21 +02:00
anet.h Fix ae.c to avoid timers infinite loop. 2016-04-04 08:50:58 +02:00
aof.c fix #2883, #2857 pipe fds leak when fork() failed on bg aof rw 2017-02-20 10:22:57 +01:00
asciilogo.h BSD license added to every C source and header file. 2012-11-08 18:31:32 +01:00
atomicvar.h Remove "Hey!" warning... 2016-10-19 10:43:40 +02:00
bio.c Lazyfree: ability to free whole DBs in background. 2015-10-01 13:02:26 +02:00
bio.h Threaded lazyfree WIP #1. 2015-10-01 13:02:25 +02:00
bitops.c bitops.c/bitfieldCommand: update higest_write_offset with check 2016-10-22 01:54:46 +08:00
blocked.c Module: API to block clients with threading support. 2016-10-07 11:55:35 +02:00
childinfo.c Clear child data when opening the pipes. 2016-09-19 14:11:17 +02:00
cluster.c Fix MIGRATE closing of cached socket on error. 2017-02-09 09:58:38 +01:00
cluster.h Cluster announce ip / port initial implementation. 2016-01-29 09:06:37 +01:00
config.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
config.h HAVE_SYNC_FILE_RANGE should be protected by ifdef __linux__. 2015-02-10 09:29:14 +01:00
crc16.c RDMF (Redis/Disque merge friendlyness) refactoring WIP 1. 2015-07-26 15:17:18 +02:00
crc64.c Allow all code tests to run using Redis args 2014-12-23 09:31:03 -05:00
crc64.h Allow all code tests to run using Redis args 2014-12-23 09:31:03 -05:00
db.c active memory defragmentation 2016-12-30 03:37:52 +02:00
debug.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
debugmacro.h Use the standard predefined identifier __func__ (since C99) 2016-08-04 15:12:12 +08:00
defrag.c Defrag: don't crash when a module value is encountered. 2017-01-12 09:50:40 +01:00
dict.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
dict.h Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
endianconv.c Allow all code tests to run using Redis args 2014-12-23 09:31:03 -05:00
endianconv.h Allow all code tests to run using Redis args 2014-12-23 09:31:03 -05:00
evict.c Volatile-ttl eviction policy implemented in terms of the pool. 2016-07-20 19:54:12 +02:00
expire.c Writable slaves expires: fix leak in key tracking. 2016-12-13 16:27:13 +01:00
fmacros.h Silence _BSD_SOURCE warnings in glibc 2.20 and forward 2014-12-05 12:41:59 +11:00
geo.c Geo: fix GEOHASH return value for consistency. 2016-12-20 10:20:13 +01:00
geo.h RDMF (Redis/Disque merge friendlyness) refactoring WIP 1. 2015-07-26 15:17:18 +02:00
geohash_helper.c Geo: fix computation of bounding box. 2016-12-05 14:02:32 +01:00
geohash_helper.h Fix definition of M_PI in geohash_helper.c. 2016-07-06 16:31:11 +02:00
geohash.c Multiple GEORADIUS bugs fixed. 2016-07-27 11:34:25 +02:00
geohash.h Multiple GEORADIUS bugs fixed. 2016-07-27 11:34:25 +02:00
help.h redis-cli help.h updated. 2016-06-14 14:45:28 +02:00
hyperloglog.c Switch PFCOUNT to LogLog-Beta algorithm. 2016-12-16 11:07:30 +01:00
intset.c Merge pull request #3242 from whatacold/unstable 2016-12-20 15:39:56 +01:00
intset.h Use const in Redis Module API where possible. 2016-06-20 23:08:06 +03:00
latency.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
latency.h Separate latency monitoring of eviction loop and eviction DELs. 2015-02-11 10:52:27 +01:00
lazyfree.c Apply the new dictUnlink() where possible. 2016-09-14 16:37:53 +02:00
lzf_c.c Upgrade LZF to 3.6 (2011) from 3.5 (2009) 2015-01-02 11:16:10 -05:00
lzf_d.c Upgrade LZF to 3.6 (2011) from 3.5 (2009) 2015-01-02 11:16:10 -05:00
lzf.h No more trailing spaces in Redis source code. 2014-06-26 18:48:40 +02:00
lzfP.h Upgrade LZF to 3.6 (2011) from 3.5 (2009) 2015-01-02 11:16:10 -05:00
Makefile Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
memtest.c Hopefully better memory test on crash. 2015-12-16 17:41:22 +01:00
mkreleasehdr.sh suppress external diff program when using git diff. 2013-02-24 18:17:46 +01:00
module.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
multi.c RDMF: More consistent define names. 2015-07-27 14:37:58 +02:00
networking.c PSYNC2: stop sending newlines to sub-slaves when master is down. 2016-11-28 17:54:04 +01:00
notify.c RDMF: More consistent define names. 2015-07-27 14:37:58 +02:00
object.c Don't divide by zero 2017-01-27 16:24:14 +01:00
pqsort.c No more trailing spaces in Redis source code. 2014-06-26 18:48:40 +02:00
pqsort.h BSD license added to every C source and header file. 2012-11-08 18:31:32 +01:00
pubsub.c RDMF: More consistent define names. 2015-07-27 14:37:58 +02:00
quicklist.c fix a bug for quicklistDup() function 2016-10-28 19:47:29 +08:00
quicklist.h Use const in Redis Module API where possible. 2016-06-20 23:08:06 +03:00
rand.c Use 'void' for zero-argument functions 2014-08-08 10:05:32 +02:00
rand.h BSD license added to every C source and header file. 2012-11-08 18:31:32 +01:00
rdb.c Replication: fix the infamous key leakage of writable slaves + EXPIRE. 2016-12-13 10:59:54 +01:00
rdb.h PSYNC2: different improvements to Redis replication. 2016-11-09 15:37:15 +01:00
redis-benchmark.c Update redis-benchmark.c 2016-11-11 10:33:48 +08:00
redis-check-aof.c BSD license added to every C source and header file. 2012-11-08 18:31:32 +01:00
redis-check-rdb.c redis_check_rdb(): the rio structure must be global. 2016-07-06 19:12:24 +02:00
redis-cli.c Initialize help only in repl mode 2017-01-08 18:29:22 +01:00
redis-trib.rb Refactor redis-trib.rb 2016-10-10 01:13:20 +09:00
redisassert.h Add panic() into redisassert.h. 2017-01-18 17:12:07 +01:00
redismodule.h Use const in modules types mem_usage method. 2017-01-12 12:47:46 +01:00
release.c No more trailing spaces in Redis source code. 2014-06-26 18:48:40 +02:00
replication.c Don't leak file descriptor on syncWithMaster(). 2017-02-20 10:18:41 +01:00
rio.c various cleanups and minor fixes 2016-04-25 16:49:57 +03:00
rio.h Modules: support for modules native data types. 2016-06-03 18:14:04 +02:00
scripting.c Merge pull request #732 from evilpacket/remove_dofile 2016-05-08 18:04:41 +02:00
sds.c sds: don't check for impossible string size in 32 bit systems. 2016-09-01 11:04:22 +02:00
sds.h Lua debugger: use sds_malloc() to allocate eval cli array. 2015-11-17 15:43:23 +01:00
sdsalloc.h SDS: changes to unify Redis SDS with antirez/sds repo. 2015-07-25 17:25:44 +02:00
sentinel.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
server.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
server.h Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
setproctitle.c Set proctitle: avoid the use of __attribute__((constructor)). 2013-02-27 11:50:35 +01:00
sha1.c sha1.c: use standard uint32_t. 2015-04-27 12:07:49 +02:00
sha1.h sha1.c: use standard uint32_t. 2015-04-27 12:07:49 +02:00
siphash.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
slowlog.c RDMF: REDIS_OK REDIS_ERR -> C_OK C_ERR. 2015-07-26 23:17:55 +02:00
slowlog.h RDMF: use client instead of redisClient, like Disque. 2015-07-26 15:20:52 +02:00
solarisfixes.h Check for __sun macro in solarisfixes.h, not in includers. 2015-01-09 11:23:22 +01:00
sort.c Lazyfree: Hash converted to use plain SDS WIP 4. 2015-10-01 13:02:25 +02:00
sparkline.c RDMF (Redis/Disque merge friendlyness) refactoring WIP 1. 2015-07-26 15:17:18 +02:00
sparkline.h LATENCY GRAPH implemented. 2014-07-02 16:31:22 +02:00
syncio.c syncWithMaster(): non blocking state machine. 2015-08-06 18:12:20 +02:00
t_hash.c Use const in Redis Module API where possible. 2016-06-20 23:08:06 +03:00
t_list.c Use const in Redis Module API where possible. 2016-06-20 23:08:06 +03:00
t_set.c Optimize repeated keyname hashing. 2016-09-12 13:19:05 +02:00
t_string.c Replication: fix the infamous key leakage of writable slaves + EXPIRE. 2016-12-13 10:59:54 +01:00
t_zset.c Use SipHash hash function to mitigate HashDos attempts. 2017-02-20 17:29:17 +01:00
testhelp.h BSD license added to every C source and header file. 2012-11-08 18:31:32 +01:00
util.c Modules: first preview 31 March 2016. 2016-05-10 06:40:05 +02:00
util.h Fix HINCRBYFLOAT to work with long doubles. 2015-11-04 17:16:34 +01:00
valgrind.sup more valgrind friendly test 2011-07-06 15:22:00 +02:00
version.h Mark version of unstable branch in an unique way. 2015-09-29 17:30:24 +02:00
ziplist.c Fix ziplist fix... 2017-02-01 17:01:31 +01:00
ziplist.h DEBUG: new "ziplist" subcommand added. Dumps a ziplist on stdout. 2016-12-16 09:02:50 +01:00
zipmap.c Allow all code tests to run using Redis args 2014-12-23 09:31:03 -05:00
zipmap.h Allow all code tests to run using Redis args 2014-12-23 09:31:03 -05:00
zmalloc.c Defrag: activate it only if running modified version of Jemalloc. 2017-01-10 11:25:39 +01:00
zmalloc.h Defrag: activate it only if running modified version of Jemalloc. 2017-01-10 11:25:39 +01:00