[Pkg-openssl-devel] Bug#656568: applications using https is crashing in amd64 due to libssl0.9.8 0.9.8o-4squeeze5

Gireesh Gopinathan gg200v at att.com
Fri Jan 20 05:57:01 UTC 2012 

Package: libssl0.9.8
Version: 0.9.8o-4squeeze5
Severity: high
Tags: patch

 

In amd64 machine while developing applications using gsoap(2.7.10) i am observing a crash. This crash happens when i try to enable ssl.
Not only with gsoap but also in any application which try to use https by linking against /usr/lib/libcrypto.so.0.9.8 this sort of crash happens.

But if I download the source code from debian site(openssl) , revert the debian patch patches/no-symbolic.patch   and build libcrypto.so library this crash is not happening.


contents of the patches/no-symbolic.patch   (If I revert this patch my application is running fine)
Index: openssl-0.9.8k/Makefile.shared
===================================================================
--- openssl-0.9.8k.orig/Makefile.shared 2009-07-19 11:35:02.000000000 +0200
+++ openssl-0.9.8k/Makefile.shared      2009-07-19 11:35:48.000000000 +0200
@@ -149,7 +149,7 @@
        SHLIB_SUFFIX=; \
        ALLSYMSFLAGS='-Wl,--whole-archive'; \
        NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
-       SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+       SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
 DO_GNU_APP=LDFLAGS="$(CFLAGS)"


Core dump for the crash
Program terminated with signal 6, Aborted.
#0  0x00007f907278f165 in raise () from /lib/libc.so.6
(gdb) bt
#0  0x00007f907278f165 in raise () from /lib/libc.so.6
#1  0x00007f9072791f70 in abort () from /lib/libc.so.6
#2  0x00007f90727c527b in ?? () from /lib/libc.so.6
#3  0x00007f90727cead6 in ?? () from /lib/libc.so.6
#4  0x00007f90727d384c in free () from /lib/libc.so.6
#5  0x00007f906f435b2d in CRYPTO_free () from /usr/lib/libcrypto.so.0.9.8
#6  0x00007f906f499ec0 in EVP_MD_CTX_cleanup () from /usr/lib/libcrypto.so.0.9.8
#7  0x00007f906f77fe3c in ssl3_free () from /usr/lib/libssl.so.0.9.8
#8  0x00007f906f794120 in SSL_free () from /usr/lib/libssl.so.0.9.8
#9  0x00007f90734f3344 in tcp_disconnect (soap=0x6977c0) at stdsoap2_ssl_cpp.cpp:4639
#10 0x00007f90734f357a in soap_closesock (soap=0x6977c0) at stdsoap2_ssl_cpp.cpp:4684


SuggestedFix :  remove patches/no-symbolic.patch

 
-- System Information:

Debian Release: 6.0.3

APT prefers stable-updates

APT policy: (500, 'stable-updates'), (500, 'stable')

Architecture: amd64

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)

Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)

Shell: /bin/sh linked to /bin/dash

Versions of packages libssl0.9.8 depends on:

ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management system

ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib

ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime

libssl0.9.8 recommends no packages.

libssl0.9.8 suggests no packages.



Thanks,

 Gireesh Kumar G A

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20120119/66daf9de/attachment.html>

More information about the Pkg-openssl-devel mailing list