'list_init' symbol name exported in library is too common and causes runtime symbol conflict. Application crashes, if is linked with any other library exporting 'list_init' symbol. There is no need to export 'list_init' symbol from TSP library if not defined in library API. It should have unique prefix.
Logged In: YES
user_id=1981939
Originator: NO
There is another conflicting exported symbol 'hash_free'.
Such symbols should not be exported at all... or at least prefixed.
This need to be fixed ASAP.
Some other common symbols to be fixed too (not exported or prefixed):
addEntry
addTable
add_mem_entry
add_pixmap_directory
add_table_entry
audit_set_ordinal_audit_status
build_delegate_public_info
changeauth_encdata
changeauth_key
changeauth_owner
changeauth_srk
context_free
copy_key_info
copy_key_info2
create_key_delegation
create_new_password_dialog
create_owner_delegation
create_password_dialog
create_pixbuf
create_pixmap
delfamily_free
do_delegate_manage
do_transport_decryption
do_transport_encryption
encdata_free
enter_event
freeEntry
freeTable
free_key_refs
free_resource
getData
getTable
get_delegate_index
get_file
get_local_random
get_num_pcrs
get_openssl_cipher
get_pcr_event_size
get_port
get_table_entry
get_user_ps_path
glade_set_atk_action_description
hash_free
host_table_init
initData
list_init
loadData
lookup_widget
merge_key_hierarchies
merge_key_hierarchies2
my_init
on_cancelbutton1_clicked
on_cancelbutton2_clicked
on_dialog1_close
on_entryConfirm_activate
on_entryPassword_activate
on_inputdialog1_destroy
on_okbutton1_clicked
on_okbutton2_clicked
pin_mem
policy_free
policy_has_expired
put_file
put_table_entry
read_data
recv_from_socket
remove_table_entry
rsa_encrypt
rsa_verify
rsakey_free
rsakey_set_pubkey
send_init
send_to_socket
sendit
setData
unpin_mem
write_data
As an example, on my system the trouSerS-exported constructor "my_init" conflicts with another one defined in the mysqlclient* libraries, therefore any application linking both libtspi and mysql (e.g. php, through GnuTLS) will crash on exit as libtspi's destructor function will be called without the constructor having been called before, because of the name clash.
I want to emphasize the importance of this issue. Fedora is currently expanding the use of this library which causes other applications to crash. I am also wondering why it takes several years to fix a bug like this.
Last edit: Dirk Schnelle-Walka 2014-02-17
Hi.
Problem here is lack of resources (the human one). I'm currently the
maintainer of TrouSerS, after Kent Yoder and Rajiv Andrade left this
position and I still couldn't track what they did or not to fix the past
bugs. I'm currently working on an important bug, but I'll take some time
to check this issue.
Em 17-02-2014 17:14, Dirk Schnelle-Walka escreveu:
Bug finally fixed. I'll provide another version as soon as I finish with
another bug.
Em 17-02-2014 17:14, Dirk Schnelle-Walka escreveu:
Related
Bugs: #106