path: root/qmake
diff options
authorGiuseppe D'Angelo <>2012-03-24 08:36:52 +0000
committerQt by Nokia <>2012-04-03 19:12:13 +0200
commit33984e72abf6c3aa1fed37740d8731c96f68d6e2 (patch)
tree5856aae74d79ee32251bfaa5ec45a867f40ac131 /qmake
parent911eed0f90d84b22db69f43eda33ca4ee4965b52 (diff)
QHash security fix (1/2): add global QHash seed
Algorithmic complexity attacks against hash tables have been known since 2003 (cf. [1, 2]), and they have been left unpatched for years until the 2011 attacks [3] against many libraries / (reference) implementations of programming languages. This patch adds a global integer, to be used as a seed for the hash function itself. The seed is randomly initialized the first time a QHash detaches from shared_null. Right now the seed is not used at all -- another patch will modify qHash to make use of it. [1] [2] [3] Task-number: QTBUG-23529 Change-Id: I7519e4c02b9c2794d1c14079b01330eb356e9c65 Reviewed-by: Thiago Macieira <>
Diffstat (limited to 'qmake')
1 files changed, 5 insertions, 0 deletions
diff --git a/qmake/qmake_pch.h b/qmake/qmake_pch.h
index 129d8937cb..d1698ec022 100644
--- a/qmake/qmake_pch.h
+++ b/qmake/qmake_pch.h
@@ -41,6 +41,11 @@
#ifndef QMAKE_PCH_H
#define QMAKE_PCH_H
+// for rand_s, _CRT_RAND_S must be #defined before #including stdlib.h.
+// put it at the beginning so some indirect inclusion doesn't break it
+#ifndef _CRT_RAND_S
+#define _CRT_RAND_S
#include <qglobal.h>
#ifdef Q_OS_WIN
# define _POSIX_