Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-80926

Omit compile timestamp data from C++ macros to improve repeatability of binary artifacts

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 7.2.0-rc0
    • None
    • None
    • None
    • Fully Compatible

    Description

      If we rebuild without changes we want the hash to remain the same. There are C++ macros that are able to pull the timestamp of when the compile is executed that would result in different hashes for the same code.

      For example if I build on Sep 8 2023 and a library we depend on uses the "printf("Compiled on %s", _DATE_)", that will expand to "printf("Compiled on %s", "Sep 8 2023")" in the binary image. This will cause the hash of the binary to change if the same code is compiled tomorrow.

      The ability to know if the code that was used to compile a binary is the same is convenient in many scenarios. For example, it could be useful if you want to quickly check which host systems contain a binary that has a known vulnerability.

      Pass in the compiler options to disable these when compiling with the Bazel toolchain.

      Attachments

        Activity

          People

            zack.winter@mongodb.com Zack Winter
            zack.winter@mongodb.com Zack Winter
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: