Date: Wed, 24 Sep 2008 16:38:58 GMT From: Tom Evans <tevans.uk@googlemail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/127616: security/py-xmlsec misconstrues CFLAGS from xmlsec on 64 bit platforms Message-ID: <200809241638.m8OGcwAd088944@www.freebsd.org> Resent-Message-ID: <200809241640.m8OGe4vt035546@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 127616 >Category: ports >Synopsis: security/py-xmlsec misconstrues CFLAGS from xmlsec on 64 bit platforms >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Sep 24 16:40:03 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Tom Evans >Release: 7.0 RELEASE >Organization: Mintel International >Environment: FreeBSD xxxxx.mintel.co.uk 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Fri Mar 7 01:52:33 UTC 2008 root@xxxx.usdmm.com:/usr/obj/usr/src/sys/PE1950 amd64 >Description: py-xmlsec uses pkg-config to retrieve the CFLAGS required for compiling against libxmlsec1. It then marshalls them into an array for distutils.core.Extension to build and install the python module. However, it has a bug where by py-xmlsec's setup.py reads in a CFLAG define present on 64bit configurations of xmlsec1, which is only specified as "-DXMLSEC_NO_SIZE_T" by xmlsec1's pkg-config. It passes this to distutils as the tuple '(XMLSEC_NO_SIZE_T)', which is interpreted by distutils as being a CFLAG undefine, and is passed into the build phase as "-UXMLSEC_NO_SIZE_T". This causes missized structures to be passed between the two, leading very quickly to a seg fault. >How-To-Repeat: (on amd64) cd /usr/ports/security/py-xmlsec make clean all install echo -e "import xmlsec\nprint xmlsec.keyDataRsaId().getName()" | python - Segmentation fault: 11 (core dumped) >Fix: Replace security/py-xmlsec/files/patch-setup.py with attached patch (I hate patches of patches!) Patch attached with submission follows: --- setup.py.orig 2006-01-01 17:43:37.000000000 +0000 +++ setup.py 2008-09-24 17:07:42.000000000 +0100 @@ -71,22 +71,22 @@ # the crypto engine name : openssl, gnutls or nss xmlsec1_crypto = "openssl" -if 'build' in sys.argv: - msg = '\nChoose a crypto engine :\n' \ - ' 1. OpenSSL\n' \ - ' 2. GnuTLS\n' \ - ' 3. NSS\n' \ - 'Your choice : ' - reply = raw_input(msg) - choice = None - if reply: - choice = reply[0] - if choice == '1': - xmlsec1_crypto = "openssl" - elif choice == '2': - xmlsec1_crypto = "gnutls" - elif choice == '3': - xmlsec1_crypto = "nss" +#if 'build' in sys.argv: +# msg = '\nChoose a crypto engine :\n' \ +# ' 1. OpenSSL\n' \ +# ' 2. GnuTLS\n' \ +# ' 3. NSS\n' \ +# 'Your choice : ' +# reply = raw_input(msg) +# choice = None +# if reply: +# choice = reply[0] +# if choice == '1': +# xmlsec1_crypto = "openssl" +# elif choice == '2': +# xmlsec1_crypto = "gnutls" +# elif choice == '3': +# xmlsec1_crypto = "nss" define_macros = [] include_dirs = [] @@ -104,7 +104,10 @@ if flag[2:] not in include_dirs: include_dirs.append(flag[2:]) elif flag[:2] == "-D": - t = tuple(flag[2:].split('=')) + t = flag[2:].split('=') + if (len(t) == 1): + t.append('1') + t = tuple(t) if t not in define_macros: define_macros.append(t) else: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809241638.m8OGcwAd088944>