apk/dex differences, diffoscope can't really tell what's going on. Any ideas?
Bernhard M. Wiedemann
bernhardout at lsmod.de
Sat May 29 15:45:15 UTC 2021
On 29/05/2021 14.30, Marcus Hoffmann via rb-general wrote:
> we're trying to hunt down an unreproducible apk build.
>
> We currently have a diff between two dex files which diffoscope can't
> really tell us anything about:
> https://bubu1.eu/diffoscope_dex.html
>
> Anyone got any idea what's going on here?
>
> (File are https://bubu1.eu/classes.dex and
> https://bubu1.eu/classes_fynn.dex)
They differ in
"pg-map-id":"xxxxxxx"
and the 24 differing bytes starting at offset 8 could be a 192 bit
checksum over the remaining content.
If in doubt, check the code creating it for "pg-map-id" and for what
goes after the dex\n035\000 magic header.
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40085
seems related.
https://speakerdeck.com/jakewharton/diffusing-changes-in-your-apks-droidcon-toronto-2019
also has something.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <http://lists.reproducible-builds.org/pipermail/rb-general/attachments/20210529/59e3f7c5/attachment.sig>
More information about the rb-general
mailing list