Heads-Up: Beware of xmlCleanupParser() when your package links against libxml2

[Lennart Poettering]

On Wed, 13.01.10 16:54, Simo Sorce (ssorce at redhat.com) wrote:

> > Oh, and let's note that other libraries have exactly the same
> > probs. Let's pick dbus for example which many might consider a
> > benchmark in many ways. There is dbus_shutdown() which does about the
> > same thing as xmlCleanupParser(). And libdbus isn't linked with -z
> > nodelete. A module that pulls it in has hence exactly the same
> > problems. For example, let's say there was a module by the name of
> > /lib64/security/pam_ck_connector.so which links against libdbus.so it
> > will leak memory each time it is invoked by a process that not by
> > itself links against libdbus, which we'll call "/bin/login" for
> > now. And there you have it: the same dilemma: either the module calls
> > dbus_shutdown and hence breaks every other dbus-using PAM module that
> > might be loaded, or it might not call it in which case it will leak
> > memory. Same dilemma.
> > 
> > It's a common problem. In fact, libpulse had a similar issue until i
> > added -z nodelete to its linker line.
> 
> The dilemma is in broken libraries that use global variables instead of
> explicitly initialized memory contexts so that you can have multiple
> completely independent instances and also happen to help make them
> thread safe.

If things really were that simple. Unfortunately they aren't.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/           GnuPG 0x1A015CC4