> -----Original Message----- > From: Development [mailto:development-bounces+mitch.curtis=qt.io@qt- > project.org] On Behalf Of Kevin Kofler > Sent: Tuesday, 6 March 2018 3:06 PM > To: [email protected] > Subject: Re: [Development] Making QObject::dumpObjectTree() and > QObject::dumpObjectInfo() invokable > > Mitch Curtis wrote: > > https://codereview.qt-project.org/#/c/221758/ makes > > QObject::dumpObjectTree() and QObject::dumpObjectInfo() invokable so > > that they can be used from QML. > > Would this have any security impact? I'm thinking of issues like ASLR bypass > or other information leakage, if these end up being invokable from untrusted > scripts. Or is all the information contained there already available to QML?
I was hoping someone else would answer this because I have no idea what ASLR bypass is, but I can say that the information is already available to QML, at the very least by exposing it from C++, if that's what you mean. > Kevin Kofler > > _______________________________________________ > Development mailing list > [email protected] > http://lists.qt-project.org/mailman/listinfo/development _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
