[Pkg-owncloud-maintainers] Bug#922489: qtkeychain: relies on existence of libsecret-1.so -dev symlink

Sandro Knauß hefee at debian.org
Sun Feb 17 10:31:52 GMT 2019


Control: Forwarded -1 https://github.com/frankosterfeld/qtkeychain/pull/139

Hey,

thanks for the fast reply, that gave me the right direction to search for the 
bugfix.

> I think this is a qtkeychain bug. This code that appears to be responsible
> for dlopen()ing libsecret:
> 
>     LibSecretKeyring::LibSecretKeyring()
> 
>         : QLibrary("secret-1")
> 
> doesn't mention the ABI version, so it could equally easily end up loading
> an incompatible future library libsecret-1.so.1 or libsecret-1.so.27,
> and then crashing when it calls a function by assuming that it has the
> same ABI as the corresponding function in libsecret-1.so.0.

This was the bug, that there is no version added to QLibrary. Actually all 
other libraries have a abiversion defined. I added a patch upstream to fix this.

> I haven't programmed against Qt for years, but the documentation
> suggest that it should probably inherit from QLibrary("secret-1", 0)
> as described at <https://doc.qt.io/qt-5/qlibrary.html#QLibrary-2>,
> so that Qt will specifically load libsecret-1.so.0 on Unix platforms.

Interestingly that noone stumbled over this bug before...

hefee
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-owncloud-maintainers/attachments/20190217/d8401335/attachment.sig>


More information about the Pkg-owncloud-maintainers mailing list