Re: [SoX-devel] [ANNOUNCE] SoX 14.4.1rc3 Released

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Wed, Jan 30, 2013 at 10:30 PM, Chris Bagwell <ch...@cn...> wrote:
> For SoX, you should be able to get an idea of API and ABI modifications
> using "git log -u src/sox.h" since that defines our interface to library.
> That shows no modifications in dot branch since 14.4.0 release.

Good!

> I'll have to read up on this new approach.  Is it OK to ignore API/ABI
> changes related to internal-only symbols that we are allowing to leak out
> (those prefixed with lsx_)?

Hmm... are we suggesting users to make use of them in some cases?
Or we're discouraging that practice?

The initial project description that ended up creating those symbol
file mechanism does mention the case of libraries exposing private
symbols. It's considered noise and thus I would assume the maintainer
is expected to remove those symbols from the symbol file. That has the
consequence of having untracked symbols and thus, if applications uses
them, things will break and they'll be on their own.

In any case, why are we "leaking" them? I see there are lots of them,
they actually constitute the vast majority of symbols! (340/393).

I'm still not very experienced with shared library packaging. If I get
stuck, I may very well ask for advice on the debian-devel ML. More
experienced Debian devs/maintainers may shed some light.

Related to packaging changes I made recently and that will be
introduced in 14.4.1/14.4.2, it may also benefit SoX outside Debian to
build hardened binaries (see [1]). AFAIU, when gcc is used, it's only
a matter of adding some build flags e.g. "-D_FORTIFY_SOURCE=2",
"-fstack-protector --param ssp-buffer-size=4", etc.

Cheers,

-Pascal
[1] http://wiki.debian.org/Hardening
--
Homepage (http://organact.mine.nu)
Debian GNU/Linux (http://www.debian.org)
COMunité/LACIME: École de technologie supérieure (http://www.comunite.ca)
Integrated Microsystems Laboratory: McGill (http://www.iml.ece.mcgill.ca)