mirror of
https://github.com/nodejs/node.git
synced 2024-11-28 14:33:11 +01:00
4f68369643
Snapshots speed up start-up by a few milliseconds but are potentially dangerous because of the fixed hash seed that is used for strings and dictionaries, making collision denial-of-service attacks possible. Release builds on iojs.org have snapshots disabled but source builds did not, until now. The risk for individual source builds is low; the binary gets a random 32 bits hash seed that should be hard to guess by an external attacker. It's when binaries are distributed by, for example, a distro vendor that the fixed hash seed becomes a vulnerability, because then it's possible to target a large group of people at once. People that really need the faster start-up time can use the new --with-snapshot configure flag. PR-URL: https://github.com/iojs/io.js/pull/585 Reviewed-By: Bert Belder <bertbelder@gmail.com> Reviewed-By: Johan Bergström <bugs@bergstroem.nu> Reviewed-By: Rod Vagg <rod@vagg.org>
19 lines
473 B
Bash
Executable File
19 lines
473 B
Bash
Executable File
#!/bin/bash
|
|
|
|
export TOOLCHAIN=$PWD/android-toolchain
|
|
mkdir -p $TOOLCHAIN
|
|
$1/build/tools/make-standalone-toolchain.sh \
|
|
--toolchain=arm-linux-androideabi-4.7 \
|
|
--arch=arm \
|
|
--install-dir=$TOOLCHAIN \
|
|
--platform=android-9
|
|
export PATH=$TOOLCHAIN/bin:$PATH
|
|
export AR=arm-linux-androideabi-ar
|
|
export CC=arm-linux-androideabi-gcc
|
|
export CXX=arm-linux-androideabi-g++
|
|
export LINK=arm-linux-androideabi-g++
|
|
|
|
./configure \
|
|
--dest-cpu=arm \
|
|
--dest-os=android
|