[Interest] Qt Resource Compiler - why does it randomize the order of items?
Ola Røer Thorsen
ola at silentwings.no
Tue May 20 10:31:45 CEST 2014
2014-05-20 2:01 GMT+02:00 Thiago Macieira <thiago.macieira at intel.com>:
> Em seg 19 maio 2014, às 23:10:10, André Pönitz escreveu:
> > > It's due to the hash randomisation. This was done to avoid DoS attacks
> > > that
> > > can be performed by tweaking data to ensure it always falls into the
> same
> > > hash bucket.
> >
> > Do we think this is useful to have for the specific case of rcc, or,
> > rather, that this outweighs the benefits of reproducible build results?
>
> I'd say that reproducible builds are more important. There's no hashing
> left
> in the generated code; this is only something that rcc does on its own.
>
> I'd recommend then that we reset the hash seed in rcc.
>
> See: https://codereview.qt-project.org/85806
>
>
That'd be nice actually! The reason I asked to begin with was that I had
some trouble avoiding re-builds in a custom scons-based toolchain.
Cheers,
Ola
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/interest/attachments/20140520/bd3e765b/attachment.html>
More information about the Interest
mailing list