On Apr 13, 2:37?pm, Grant Edwards <invalid at invalid> wrote:
> On 2009-04-13, Grant Edwards <invalid at invalid> wrote:
>
>
>
> > On 2009-04-13, SpreadTooThin <bjobrie... at gmail.com> wrote:
>
> >> I want to compare two binary files and see if they are the same.
> >> I see the filecmp.cmp function but I don't get a warm fuzzy feeling
> >> that it is doing a byte by byte comparison of two files to see if they
> >> are they same.
>
> > Perhaps I'm being dim, but how else are you going to decide if
> > two files are the same unless you compare the bytes in the
> > files?
>
> > You could hash them and compare the hashes, but that's a lot
> > more work than just comparing the two byte streams.
>
> >> What should I be using if not filecmp.cmp?
>
> > I don't understand what you've got against comparing the files
> > when you stated that what you wanted to do was compare the files.
>
> Doh! ?I misread your post and thought were weren't getting a
> warm fuzzying feeling _because_ it was doing a byte-byte
> compare. Now I'm a bit confused. ?Are you under the impression
> it's _not_ doing a byte-byte compare? ?Here's the code:
>
> def _do_cmp(f1, f2):
> ? ? bufsize = BUFSIZE
> ? ? fp1 = open(f1, 'rb')
> ? ? fp2 = open(f2, 'rb')
> ? ? while True:
> ? ? ? ? b1 = fp1.read(bufsize)
> ? ? ? ? b2 = fp2.read(bufsize)
> ? ? ? ? if b1 != b2:
> ? ? ? ? ? ? return False
> ? ? ? ? if not b1:
> ? ? ? ? ? ? return True
>
> It looks like a byte-by-byte comparison to me. ?Note that when
> this function is called the file lengths have already been
> compared and found to be equal.
>
> --
> Grant Edwards ? ? ? ? ? ? ? ? ? grante ? ? ? ? ? ? Yow! Alright, you!!
> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? at ? ? ? ? ? ? ? Imitate a WOUNDED SEAL
> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?visi.com ? ? ? ? ? ?pleading for a PARKING
> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?SPACE!!

I am indeed under the impression that it is not always doing a byte by
byte comparison...
as well the documentation states:
Compare the files named f1 and f2, returning True if they seem equal,
False otherwise.

That word... Seeeeem... makes me wonder.

Thanks for the code! :)

Grant Edwards wrote:

> On 2009-04-13, Grant Edwards <invalid at invalid> wrote:
>> On 2009-04-13, SpreadTooThin <bjobrien62 at gmail.com> wrote:
>>
>>> I want to compare two binary files and see if they are the same.
>>> I see the filecmp.cmp function but I don't get a warm fuzzy feeling
>>> that it is doing a byte by byte comparison of two files to see if they
>>> are they same.
>>
>> Perhaps I'm being dim, but how else are you going to decide if
>> two files are the same unless you compare the bytes in the
>> files?
>>
>> You could hash them and compare the hashes, but that's a lot
>> more work than just comparing the two byte streams.
>>
>>> What should I be using if not filecmp.cmp?
>>
>> I don't understand what you've got against comparing the files
>> when you stated that what you wanted to do was compare the files.
>
> Doh! I misread your post and thought were weren't getting a
> warm fuzzying feeling _because_ it was doing a byte-byte
> compare. Now I'm a bit confused. Are you under the impression
> it's _not_ doing a byte-byte compare? Here's the code:
>
> def _do_cmp(f1, f2):
> bufsize = BUFSIZE
> fp1 = open(f1, 'rb')
> fp2 = open(f2, 'rb')
> while True:
> b1 = fp1.read(bufsize)
> b2 = fp2.read(bufsize)
> if b1 != b2:
> return False
> if not b1:
> return True
>
> It looks like a byte-by-byte comparison to me. Note that when
> this function is called the file lengths have already been
> compared and found to be equal.

But there's a cache. A change of file contents may go undetected as long as
the file stats don't change:

$ cat fool_filecmp.py
import filecmp, shutil, sys

for fn in "adb":
with open(fn, "w") as f:
f.write("yadda")

shutil.copystat("d", "a")
filecmp.cmp("a", "b", False)

with open("a", "w") as f:
f.write("*****")
shutil.copystat("d", "a")

if "--clear" in sys.argv:
print "clearing cache"
filecmp._cache.clear()

if filecmp.cmp("a", "b", False):
print "file a and b are equal"
else:
print "file a and b differ"
print "a's contents:", open("a").read()
print "b's contents:", open("b").read()

$ python2.6 fool_filecmp.py
file a and b are equal
a's contents: *****
b's contents: yadda

Oops. If you are paranoid you have to clear the cache before doing the
comparison:

$ python2.6 fool_filecmp.py --clear
clearing cache
file a and b differ
a's contents: *****
b's contents: yadda

Peter

On Wed, Apr 15, 2009 at 11:03 AM, Steven D'Aprano
<steven at remove.this.cybersource.com.au> wrote:
> The checksum does look at every byte in each file. Checksumming isn't a
> way to avoid looking at each byte of the two files, it is a way of
> mapping all the bytes to a single number.

My understanding of the original question was a way to determine
wether 2 files are equal or not. Creating a checksum of 1-n files and
comparing those checksums IMHO is a valid way to do that. I know it's
a (one way) mapping between a (possibly) longer byte sequence and
another one, how does checksumming not take each byte in the original
sequence into account.

I'd still say rather burn CPU cycles than development hours (if I got
the question right), if not then with binary files you will have to
find some way of representing differences between the 2 files in a
readable manner anyway.

> Hashing is a *lot* more work than just comparing two bytes. The MD5
> checksum has been specifically designed to be fast and compact, and the
> algorithm is still complicated:

I know that the various checksum algorithms aren't exactly cheap, but
I do think that just to know wether 2 files are different a solution
which takes 5mins to implement wins against a lengthy discussion which
optimizes too early wins hands down.

regards,
martin

--
http://soup.alt.delete.co.at
http://www.xing.com/profile/Martin_Marcher
http://www.linkedin.com/in/martinmarcher

You are not free to read this message,
by doing so, you have violated my licence
and are required to urinate publicly. Thank you.

Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html

On 2009-04-15, Martin <martin at marcher.name> wrote:
> On Wed, Apr 15, 2009 at 11:03 AM, Steven D'Aprano

> I'd still say rather burn CPU cycles than development hours (if I got
> the question right),

_Hours_? Calling the file compare module takes _one_line_of_code_.

Implementing a file compare from scratch takes about a half
dozen lines of code.

> if not then with binary files you will have to find some way
> of representing differences between the 2 files in a readable
> manner anyway.

1) Who said anything about a readable representation of the
differences?

2) How does a checksum provide that?

>> Hashing is a *lot* more work than just comparing two bytes.
>> The MD5 checksum has been specifically designed to be fast and
>> compact, and the algorithm is still complicated:
>
> I know that the various checksum algorithms aren't exactly
> cheap, but I do think that just to know wether 2 files are
> different a solution which takes 5mins to implement wins
> against a lengthy discussion

Bah. A direct compare is trivial. The discussion of which
checksum to use, how to implement it, and how reliable it is
will be far longer than any discussion over a direct
comparison.

> which optimizes too early wins hands down.

Optimizes too early? Comparing the bytes is the simplest and
most direct, obvious solution. It takes one line of code to
call the file compare module. Implementing it from scratch
takes about five lines of code.

We all rail against premature optimization, but using a
checksum instead of a direct comparison is premature
unoptimization. ;)

--
Grant Edwards grante Yow! Hmmm ... A hash-singer
at and a cross-eyed guy were
visi.com SLEEPING on a deserted
island, when ...

On Apr 15, 8:04?am, Grant Edwards <invalid at invalid> wrote:
> On 2009-04-15, Martin <mar... at marcher.name> wrote:
>
>
>
> > Hi,
>
> > On Mon, Apr 13, 2009 at 10:03 PM, Grant Edwards <invalid at invalid> wrote:
> >> On 2009-04-13, SpreadTooThin <bjobrie... at gmail.com> wrote:
>
> >>> I want to compare two binary files and see if they are the same.
> >>> I see the filecmp.cmp function but I don't get a warm fuzzy feeling
> >>> that it is doing a byte by byte comparison of two files to see if they
> >>> are they same.
>
> >> Perhaps I'm being dim, but how else are you going to decide if
> >> two files are the same unless you compare the bytes in the
> >> files?
>
> > I'd say checksums, just about every download relies on checksums to
> > verify you do have indeed the same file.
>
> That's slower than a byte-by-byte compare.
>
> >> You could hash them and compare the hashes, but that's a lot
> >> more work than just comparing the two byte streams.
>
> > hashing is not exactly much mork in it's simplest form it's 2
> > lines per file.
>
> I meant a lot more CPU time/cycles.
>
> --
> Grant Edwards ? ? ? ? ? ? ? ? ? grante ? ? ? ? ? ? Yow! Was my SOY LOAF left
> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? at ? ? ? ? ? ? ? out in th'RAIN? ?It tastes
> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?visi.com ? ? ? ? ? ?REAL GOOD!!

I'd like to add my 2 cents here.. (Thats 1.8 cents US)
All I was trying to get was a clarification of the documentation of
the cmp method.
It isn't clear.

byte by byte comparison is good enough for me as long as there are no
cache issues.
a check sum is not good because it doesn't guarantee that 1 + 2 + 3
== 3 + 2 + 1
a crc of any sort is more work than a byte by byte comparison and
doesn't give you any more information.

Adam Olsen wrote:
> On Apr 16, 3:16 am, Nigel Rantor <wig... at wiggly.org> wrote:
>> Adam Olsen wrote:
>>> On Apr 15, 12:56 pm, Nigel Rantor <wig... at wiggly.org> wrote:
>>>> Adam Olsen wrote:
>>>>> The chance of *accidentally* producing a collision, although
>>>>> technically possible, is so extraordinarily rare that it's completely
>>>>> overshadowed by the risk of a hardware or software failure producing
>>>>> an incorrect result.
>>>> Not when you're using them to compare lots of files.
>>>> Trust me. Been there, done that, got the t-shirt.
>>>> Using hash functions to tell whether or not files are identical is an
>>>> error waiting to happen.
>>>> But please, do so if it makes you feel happy, you'll just eventually get
>>>> an incorrect result and not know it.
>>> Please tell us what hash you used and provide the two files that
>>> collided.
>> MD5
>>
>>> If your hash is 256 bits, then you need around 2**128 files to produce
>>> a collision. This is known as a Birthday Attack. I seriously doubt
>>> you had that many files, which suggests something else went wrong.
>> Okay, before I tell you about the empirical, real-world evidence I have
>> could you please accept that hashes collide and that no matter how many
>> samples you use the probability of finding two files that do collide is
>> small but not zero.
>
> I'm afraid you will need to back up your claims with real files.
> Although MD5 is a smaller, older hash (128 bits, so you only need
> 2**64 files to find collisions), and it has substantial known
> vulnerabilities, the scenario you suggest where you *accidentally*
> find collisions (and you imply multiple collisions!) would be a rather
> significant finding.

No. It wouldn't. It isn't.

The files in question were millions of audio files. I no longer work at
the company where I had access to them so I cannot give you examples,
and even if I did Data Protection regulations wouldn't have allowed it.

If you still don't beleive me you can easily verify what I'm saying by
doing some simple experiemnts. Go spider the web for images, keep
collecting them until you get an MD5 hash collision.

It won't take long.

> Please help us all by justifying your claim.

Now, please go and re-read my request first and admit that everything I
have said so far is correct.

> Mind you, since you use MD5 I wouldn't be surprised if your files were
> maliciously produced. As I said before, you need to consider
> upgrading your hash every few years to avoid new attacks.

Good grief, this is nothing to do with security concerns, this is about
someone suggesting to the OP that they use a hash function to determine
whether or not two files are identical.

Regards,

Nige

On 2009-04-16, Adam Olsen <rhamph at gmail.com> wrote:

>>>>> The chance of *accidentally* producing a collision, although
>>>>> technically possible, is so extraordinarily rare that it's
>>>>> completely overshadowed by the risk of a hardware or software
>>>>> failure producing an incorrect result.
>>>>
>>>> Not when you're using them to compare lots of files.
>>
>>>> Trust me. Been there, done that, got the t-shirt.

I must admit, that is a bit hard to believe.

>> Okay, before I tell you about the empirical, real-world
>> evidence I have could you please accept that hashes collide
>> and that no matter how many samples you use the probability of
>> finding two files that do collide is small but not zero.
>
> I'm afraid you will need to back up your claims with real files.
> Although MD5 is a smaller, older hash (128 bits, so you only need
> 2**64 files to find collisions),

You don't need quite that many to have a significant chance of
a collision. With "only" something on the order of 2**61
files, you still have about a 1% chance of a collision.

Just for fun here are a few data points showing the probability
of at least one collision in a sample of size n using a perfect
128-bit hash. These were calculated using the taylor-series
approximation shown at

http://en.wikipedia.org/wiki/Birthday_paradox#Calculating_the_probability

For "a few million files" (we'll say 4e6), the probability of a
collision is so close to 0 that it can't be calculated using
double-precision IEEE floats.

For a few _billion_ files, the taylor series approximation is
still 0 to about 15 significant digits.

For a few _trillion_ files, you finally get a "non-zero"
probability of about 2e-14.

Here are a few more points:

n = 1806791225998070; p(n) = 0.00000000
n = 1987470348597877; p(n) = 0.00000001
n = 2186217383457665; p(n) = 0.00000001
n = 2404839121803431; p(n) = 0.00000001
n = 2645323033983774; p(n) = 0.00000001
n = 2909855337382151; p(n) = 0.00000001
n = 3200840871120366; p(n) = 0.00000002
n = 3520924958232403; p(n) = 0.00000002
n = 3873017454055643; p(n) = 0.00000002
n = 4260319199461207; p(n) = 0.00000003
n = 4686351119407328; p(n) = 0.00000003
n = 5154986231348061; p(n) = 0.00000004
n = 5670484854482868; p(n) = 0.00000005
n = 6237533339931155; p(n) = 0.00000006
n = 6861286673924271; p(n) = 0.00000007
n = 7547415341316699; p(n) = 0.00000008
n = 8302156875448370; p(n) = 0.00000010
n = 9132372562993208; p(n) = 0.00000012
n = 10045609819292530; p(n) = 0.00000015
n = 11050170801221784; p(n) = 0.00000018
n = 12155187881343964; p(n) = 0.00000022
n = 13370706669478362; p(n) = 0.00000026
n = 14707777336426200; p(n) = 0.00000032
n = 16178555070068822; p(n) = 0.00000038
n = 17796410577075706; p(n) = 0.00000047
n = 19576051634783280; p(n) = 0.00000056
n = 21533656798261608; p(n) = 0.00000068
n = 23687022478087772; p(n) = 0.00000082
n = 26055724725896552; p(n) = 0.00000100
n = 28661297198486208; p(n) = 0.00000121
n = 31527426918334832; p(n) = 0.00000146
n = 34680169610168320; p(n) = 0.00000177
n = 38148186571185152; p(n) = 0.00000214
n = 41963005228303672; p(n) = 0.00000259
n = 46159305751134040; p(n) = 0.00000313
n = 50775236326247448; p(n) = 0.00000379
n = 55852759958872200; p(n) = 0.00000458
n = 61438035954759424; p(n) = 0.00000555
n = 67581839550235368; p(n) = 0.00000671
n = 74340023505258912; p(n) = 0.00000812
n = 81774025855784816; p(n) = 0.00000983
n = 89951428441363312; p(n) = 0.00001189
n = 98946571285499648; p(n) = 0.00001439
n = 108841228414049616; p(n) = 0.00001741
n = 119725351255454592; p(n) = 0.00002106
n = 131697886381000064; p(n) = 0.00002548
n = 144867675019100096; p(n) = 0.00003084
n = 159354442521010112; p(n) = 0.00003731
n = 175289886773111136; p(n) = 0.00004515
n = 192818875450422272; p(n) = 0.00005463
n = 212100762995464512; p(n) = 0.00006610
n = 233310839295010976; p(n) = 0.00007998
n = 256641923224512096; p(n) = 0.00009678
n = 282306115546963328; p(n) = 0.00011710
n = 310536727101659712; p(n) = 0.00014169
n = 341590399811825728; p(n) = 0.00017144
n = 375749439793008320; p(n) = 0.00020744
n = 413324383772309184; p(n) = 0.00025099
n = 454656822149540160; p(n) = 0.00030369
n = 500122504364494208; p(n) = 0.00036745
n = 550134754800943680; p(n) = 0.00044460
n = 605148230281038080; p(n) = 0.00053794
n = 665663053309141888; p(n) = 0.00065088
n = 732229358640056192; p(n) = 0.00078751
n = 805452294504061824; p(n) = 0.00095280
n = 885997523954468096; p(n) = 0.00115278
n = 974597276349915008; p(n) = 0.00139469
n = 1072057003984906624; p(n) = 0.00168733
n = 1179262704383397376; p(n) = 0.00204131
n = 1297188974821737216; p(n) = 0.00246945
n = 1426907872303911168; p(n) = 0.00298726
n = 1569598659534302464; p(n) = 0.00361345
n = 1726558525487732736; p(n) = 0.00437061
n = 1899214378036506112; p(n) = 0.00528601
n = 2089135815840156928; p(n) = 0.00639252
n = 2298049397424172800; p(n) = 0.00772975
n = 2527854337166590464; p(n) = 0.00934539
n = 2780639770883249664; p(n) = 0.01129680

Here's the Python function I'm using:

def bp(n, d):
return 1.0 - exp(-n*(n-1.)/(2.*d))

I haven't spent much time studying the numerical issues of the
way that the exponent is calculated, so I'm not entirely
confident in the results for "small" n values such that
p(n) == 0.0.

--
Grant Edwards grante Yow! ... the MYSTERIANS are
at in here with my CORDUROY
visi.com SOAP DISH!!

On Thu, 16 Apr 2009 10:44:06 +0100, Adam Olsen <rhamph at gmail.com> wrote:

> On Apr 16, 3:16?am, Nigel Rantor <wig... at wiggly.org> wrote:
>> Okay, before I tell you about the empirical, real-world evidence I have
>> could you please accept that hashes collide and that no matter how many
>> samples you use the probability of finding two files that do collide is
>> small but not zero.
>
> I'm afraid you will need to back up your claims with real files.

So that would be a "no" then. If the implementation of dicts in Python,
say, were to assert as you are that the hashes aren't going to collide,
then I'd have to walk away from it. There's no point in using something
that guarantees a non-zero chance of corrupting your data.

Why are you advocating a solution to the OP's problem that is more
computationally expensive than a simple byte-by-byte comparison and
doesn't guarantee to give the correct answer?

--
Rhodri James *-* Wildebeeste Herder to the Masses

On Apr 16, 4:27?pm, "Rhodri James" <rho... at wildebst.demon.co.uk>
wrote:
> On Thu, 16 Apr 2009 10:44:06 +0100, Adam Olsen <rha... at gmail.com> wrote:
> > On Apr 16, 3:16?am, Nigel Rantor <wig... at wiggly.org> wrote:
> >> Okay, before I tell you about the empirical, real-world evidence I have
> >> could you please accept that hashes collide and that no matter how many
> >> samples you use the probability of finding two files that do collide is
> >> small but not zero.
>
> > I'm afraid you will need to back up your claims with real files.
>
> So that would be a "no" then. ?If the implementation of dicts in Python,
> say, were to assert as you are that the hashes aren't going to collide,
> then I'd have to walk away from it. ?There's no point in using something
> that guarantees a non-zero chance of corrupting your data.

Python's hash is only 32 bits on a 32-bit box, so even 2**16 keys (or
65 thousand) will give you a decent chance of a collision. In
contrast MD5 needs 2**64, and a *good* hash needs 2**128 (SHA-256) or
2**256 (SHA-512). The two are at totally different extremes.

There is *always* a non-zero chance of corruption, due to software
bugs, hardware defects, or even operator error. It is only in that
broader context that you can realize just how minuscule the risk is.

Can you explain to me why you justify great lengths of paranoia, when
the risk is so much lower?


> Why are you advocating a solution to the OP's problem that is more
> computationally expensive than a simple byte-by-byte comparison and
> doesn't guarantee to give the correct answer?

For single, one-off comparison I have no problem with a byte-by-byte
comparison. There's a decent chance the files won't be in the OS's
cache anyway, so disk IO will be your bottleneck.

Only if you're doing multiple comparisons is a hash database
justified. Even then, if you expect matching files to be fairly rare
I won't lose any sleep if you're paranoid and do a byte-by-byte
comparison anyway. New vulnerabilities are found, and if you don't
update promptly there is a small (but significant) chance of a
malicious file leading to collision.

That's not my concern though. What I'm responding to is Nigel
Rantor's grossly incorrect statements about probability. The chance
of collision, in our life time, is *insignificant*.

The Wayback Machine has 150 billion pages, so 2**37. Google's index
is a bit larger at over a trillion pages, so 2**40. A little closer
than I'd like, but that's still 562949950000000 to 1 odds of having
*any* collisions between *any* of the files. Step up to SHA-256 and
it becomes 191561940000000000000000000000000000000000000000000000 to
1. Sadly, I can't even give you the odds for SHA-512, Qalculate
considers that too close to infinite to display. :)

You should worry more about your head spontaneously exploding than you
should about a hash collision on that scale. To do otherwise is
irrational paranoia.

On Apr 16, 11:15?am, SpreadTooThin <bjobrie... at gmail.com> wrote:
> And yes he is right CRCs hashing all have a probability of saying that
> the files are identical when in fact they are not.

Here's the bottom line. It is either:

A) Several hundred years of mathematics and cryptography are wrong.
The birthday problem as described is incorrect, so a collision is far
more likely than 42 trillion trillion to 1. You are simply the first
person to have noticed it.

B) Your software was buggy, or possibly the input was maliciously
produced. Or, a really tiny chance that your particular files
contained a pattern that provoked bad behaviour from MD5.

Finding a specific limitation of the algorithm is one thing. Claiming
that the math is fundamentally wrong is quite another.