Heads-Up: Beware of xmlCleanupParser() when your package links against libxml2
Lennart Poettering
mzerqung at 0pointer.de
Wed Jan 13 02:54:36 UTC 2010
On Wed, 13.01.10 00:21, Lennart Poettering (mzerqung at 0pointer.de) wrote:
> Heya!
>
> if you have code that links against libxml2 and calls
> xmlCleanupParser() please verify that your project does that at the
> appropriate place (i.e. immediately before exiting, and only once).
>
> That function might delete TLS fields that belong to other libraries
> (such as PA's client libs) if called twice. To the effect that PA
> might look bad. And I don't like that.
>
> So, please: if you have a library linking against libxml2, verify that
> xmlCleanupParser() is called at the appropriate places and only once.
>
> For now at least Empathy and Abiword are calling this function where
> they shouldn't, but a google code search reveals that at least
> inkscape and dia do it too. I stopped looking after that,
> extrapolating that this means "everyone is doing this worng". Hence
> this mail.
The Debian folks have their entire source tree indexed and have this
search engine for symbols:
http://source.debian.net/source/search?n=25&start=0&q=xmlCleanupParser
I figure our package set is not that different from theirs, so you
might want to have a look on the list of packages that uses that
function call. Already on the first page of that output there's
fwbuilder, a PAM module and more misusing that function.
Oh, and we definitely need a source code indexer for fedora too!
Lennart
--
Lennart Poettering Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/ GnuPG 0x1A015CC4
More information about the devel
mailing list