Comments (7)
I believe, and correct me if I am wrong here, that the chances of this happening are so far-fetched that the amount of work to mitigate this nullifies the benefit of going through this work.
Also, with how improbable this situation is, is it worth affecting the performance of an otherwise performant object?
Original comment by chrisisbeef
on 2 Dec 2009 at 7:28
from owasp-esapi-java.
Original comment by chrisisbeef
on 2 Dec 2009 at 7:55
- Added labels: Priority-Low
- Removed labels: Priority-Medium
from owasp-esapi-java.
Well, I guess it depends on whether or not you want this thing to actually work reliably.
These are unchecked insertions, so the probability of a collision is the # of elements in the map / the keyspace of the map keys. Multiply this by the number of insertions to get roughly the probability of a collision on an update(). It's small problems like this that are extremely elusive and hard to track down.
In the report I stated how to fix it. It would take at most 10 minutes to change and test.
Original comment by [email protected]
on 2 Dec 2009 at 11:46
from owasp-esapi-java.
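The estimate in the comment above can be checked empirically. The following is an added example, not ESAPI code and not part of the thread: the class name, method names, key space size and insert count are all assumptions chosen so collisions appear quickly, and redrawing on collision is one common way to check insertions, not necessarily the fix described in the report (which is not reproduced on this page).

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Random;

// Added illustration; every name and constant here is hypothetical, not taken from ESAPI.
public class RandomKeyCollisionDemo {
    static final int KEYSPACE = 1 << 16; // assumed small key space so collisions show up
    static final int INSERTS = 2000;     // assumed number of insertions

    // Unchecked: put() silently replaces whatever the random key already mapped to.
    static int uncheckedInsert(Map<Integer, String> map, Random rng, String value) {
        int key = rng.nextInt(KEYSPACE);
        map.put(key, value);
        return key;
    }

    // Checked: draw again until the key is unused, so no earlier mapping is lost.
    static int checkedInsert(Map<Integer, String> map, Random rng, String value) {
        int key;
        do {
            key = rng.nextInt(KEYSPACE);
        } while (map.putIfAbsent(key, value) != null);
        return key;
    }

    public static void main(String[] args) {
        // Fixed seed only to make the run repeatable; real references need SecureRandom.
        Random rng = new Random(42);
        Map<Integer, String> unchecked = new HashMap<>();
        Map<Integer, String> checked = new HashMap<>();
        double expectedLost = 0.0;

        for (int i = 0; i < INSERTS; i++) {
            // Per-insert collision probability from the comment: elements / keyspace.
            expectedLost += (double) unchecked.size() / KEYSPACE;
            uncheckedInsert(unchecked, rng, "object-" + i);
            checkedInsert(checked, rng, "object-" + i);
        }

        // Every lost mapping is an earlier reference that now resolves to a different object.
        System.out.printf("expected lost mappings (sum of n/keyspace): %.1f%n", expectedLost);
        System.out.println("unchecked map lost: " + (INSERTS - unchecked.size()));
        System.out.println("checked map lost:   " + (INSERTS - checked.size()));
    }
}
```

The checked map always reports zero lost mappings; the cost of the check is one extra lookup per insert plus a redraw in the rare collision case.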
Younkins is right IMO. I'll fix this before 2.0.
Original comment by [email protected]
on 1 Nov 2010 at 5:59
- Added labels: Milestone-Release2.0, Priority-High
- Removed labels: Priority-Low
from owasp-esapi-java.
Original comment by [email protected]
on 1 Nov 2010 at 6:01
- Changed state: Accepted
from owasp-esapi-java.
Original comment by chrisisbeef
on 20 Nov 2010 at 9:16
- Added labels: Component-Other
from owasp-esapi-java.
Original comment by [email protected]
on 29 May 2012 at 3:20
from owasp-esapi-java.