summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorThiago Macieira <thiago.macieira@intel.com>2014-05-19 16:53:34 -0700
committerThe Qt Project <gerrit-noreply@qt-project.org>2014-05-21 01:34:38 +0200
commit5283a6c87beac5a43f612786fefd6e43f2c70bf6 (patch)
tree48c1648a29305a3567e51bdd1f98ae4b7a64dfed /src
parent1b031630ded1fbb9a94642de1d720651a390a03b (diff)
Disable hash seeding for bootstrapped tools
Any bootstrapped tool is a development tool, by definition. So the effects of seeding the hash with a random number can cause the same source input to produce different binary results, which can throw some caching tools into disarray (like the Open Build System). There should be minimal fall out from the reduced protection against DoS. Since those are only development tools, "specially crafted" input implies the developer is DoS'ing him/herself. Note: the change to qhash.cpp applies to moc and rcc, which are always bootstrapped. Change-Id: I061ab52036e40627c0703f1bf881455cbf848f43 Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com> Reviewed-by: hjk <hjk121@nokiamail.com>
Diffstat (limited to 'src')
-rw-r--r--src/corelib/tools/qhash.cpp8
-rw-r--r--src/tools/qdoc/main.cpp2
-rw-r--r--src/tools/uic/main.cpp3
3 files changed, 9 insertions, 4 deletions
diff --git a/src/corelib/tools/qhash.cpp b/src/corelib/tools/qhash.cpp
index ca645636e4..7200ea7993 100644
--- a/src/corelib/tools/qhash.cpp
+++ b/src/corelib/tools/qhash.cpp
@@ -222,12 +222,13 @@ uint qHash(QLatin1String key, uint seed) Q_DECL_NOTHROW
*/
static uint qt_create_qhash_seed()
{
+ uint seed = 0;
+
+#ifndef QT_BOOTSTRAPPED
QByteArray envSeed = qgetenv("QT_HASH_SEED");
if (!envSeed.isNull())
return envSeed.toUInt();
- uint seed = 0;
-
#ifdef Q_OS_UNIX
int randomfd = qt_safe_open("/dev/urandom", O_RDONLY);
if (randomfd == -1)
@@ -254,17 +255,16 @@ static uint qt_create_qhash_seed()
seed ^= timestamp;
seed ^= (timestamp >> 32);
-#ifndef QT_BOOTSTRAPPED
quint64 pid = QCoreApplication::applicationPid();
seed ^= pid;
seed ^= (pid >> 32);
-#endif // QT_BOOTSTRAPPED
quintptr seedPtr = reinterpret_cast<quintptr>(&seed);
seed ^= seedPtr;
#if QT_POINTER_SIZE == 8
seed ^= (seedPtr >> 32);
#endif
+#endif // QT_BOOTSTRAPPED
return seed;
}
diff --git a/src/tools/qdoc/main.cpp b/src/tools/qdoc/main.cpp
index 398d188464..3d2ee409b0 100644
--- a/src/tools/qdoc/main.cpp
+++ b/src/tools/qdoc/main.cpp
@@ -542,6 +542,7 @@ static void processQdocconfFile(const QString &fileName)
Generator::debugSegfault("qdoc finished!");
}
+extern Q_CORE_EXPORT QBasicAtomicInt qt_qhash_seed;
QT_END_NAMESPACE
int main(int argc, char **argv)
@@ -549,6 +550,7 @@ int main(int argc, char **argv)
QT_USE_NAMESPACE
#ifndef QT_BOOTSTRAPPED
+ qt_qhash_seed.testAndSetRelaxed(-1, 0); // set the hash seed to 0 if it wasn't set yet
QCoreApplication app(argc, argv);
#endif
diff --git a/src/tools/uic/main.cpp b/src/tools/uic/main.cpp
index cb2bd430ff..12b0ee6737 100644
--- a/src/tools/uic/main.cpp
+++ b/src/tools/uic/main.cpp
@@ -52,9 +52,12 @@
#include <qcommandlineparser.h>
QT_BEGIN_NAMESPACE
+extern Q_CORE_EXPORT QBasicAtomicInt qt_qhash_seed;
int runUic(int argc, char *argv[])
{
+ qt_qhash_seed.testAndSetRelaxed(-1, 0); // set the hash seed to 0 if it wasn't set yet
+
QCoreApplication app(argc, argv);
QCoreApplication::setApplicationVersion(QString::fromLatin1(QT_VERSION_STR));