From f18de427bf9f3601778daa4dd559b995ad5bd29a Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <lfleischer@lfos.de>
Date: Sun, 7 May 2017 08:08:03 +0200
Subject: [PATCH] Randomize OID object hashes

Instead of using type punning to convert the OID to a Python hash, use
_Py_HashBytes() to hash the OID again. This means we no longer make any
assumptions on the internal representation of OID values or Python
hashes (before this commit, we at least relied on the fact that OID
hases are longer than Python hashes). Moreover, the random seed stored
in PYTHONHASHSEED is now honored.

This also fixes a compiler warning seen with -Wstrict-aliasing.

Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
---
 src/oid.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/oid.c b/src/oid.c
index 6f2e290..9a78e95 100644
--- a/src/oid.c
+++ b/src/oid.c
@@ -209,8 +209,10 @@ Oid_init(Oid *self, PyObject *args, PyObject *kw)
 Py_hash_t
 Oid_hash(PyObject *oid)
 {
-    /* TODO Randomize (use _Py_HashSecret) to avoid collission DoS attacks? */
-    return *(Py_hash_t*) ((Oid*)oid)->oid.id;
+    PyObject *py_oid = git_oid_to_py_str(&((Oid *)oid)->oid);
+    Py_hash_t ret = PyObject_Hash(py_oid);
+    Py_DECREF(py_oid);
+    return ret;
 }