
Bug#300119: libc6: LD_DEBUG=versions can lead to segmentation fault



Package: libc6
Version: 2.3.2.ds1-20
Severity: normal


1) I compiled /usr/lib/libpng12.so.0 aka libpng12.so.0.1.2.8 from
sources and installed it.  Symptoms are the same using the Debian 
source package or the tarball from libpng.org.

2) As a tangential issue:  Many programs (even ones like "vi", for 
which it doesn't make much sense) now issue the warning
  /usr/lib/libpng12.so.0: no version information available (required by ...)
which is pretty weird;  why does "vi" depend on libpng anyway?
I note in passing that the libpng makefile tries to set some
version information with -soname, and I don't understand why
that isn't good enough .... but that is *not* the bug I wish to 
emphasize at the moment.

3) In the attempt to debug the tangential issue, I tried using
LD_DEBUG=versions.  What a disaster.  Any program that
previously issued a warning now segfaults.  For example:
  LD_DEBUG=versions vi
[snip]
  12633:     checking for version `GLIBC_2.0' in file /lib/libgcc_s.so.1 required by file /usr/lib/libqt-mt.so.3
  12633:     checking for version `PNG12_0' in file /usr/lib/libpng12.so.0 required by file /usr/lib/libqt-mt.so.3
  Segmentation fault

Bottom line:  I don't know what (if anything) is wrong with
libpng12 ... but no matter what, it shouldn't cause ld.so
to segfault.  Wild memory references often lead to sneaky
security problems, not to mention the obvious loss of functionality.

And BTW, as a bonus, if somebody can explain what incantations
are required to compile things with "version information" that
works, that would be great.

Thanks!

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages libc6 depends on:
ii  libdb1-compat                 2.1.3-7    The Berkeley database routines [gl

-- no debconf information
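
Added example, not part of the original report: glibc's loader prints "no version information available" when a dependent object requires a version (here `PNG12_0`) from a library whose dynamic section has no version definition table (`DT_VERDEF`); `-soname` only sets `DT_SONAME`. The sketch below reads the dynamic tags of an ELF image to tell the two cases apart; the function names and the `build_sample` input are constructed for illustration.

```python
import struct

PT_DYNAMIC, DT_NULL, DT_SONAME = 2, 0, 14
DT_VERDEF, DT_VERNEED = 0x6FFFFFFC, 0x6FFFFFFE

def dynamic_tags(elf):
    """Return the d_tag values in the PT_DYNAMIC segment of an ELF image."""
    if elf[:4] != b"\x7fELF" or len(elf) < 64:
        raise ValueError("not an ELF image")
    is64 = elf[4] == 2
    end = "<" if elf[5] == 1 else ">"
    word, ph_at, cnt_at = ("Q", 0x20, 0x36) if is64 else ("I", 0x1C, 0x2A)
    (phoff,) = struct.unpack_from(end + word, elf, ph_at)
    phentsize, phnum = struct.unpack_from(end + "HH", elf, cnt_at)
    for i in range(phnum):
        ph = phoff + i * phentsize
        if ph + (56 if is64 else 32) > len(elf):
            break  # truncated program header table: stop, do not read past the end
        if struct.unpack_from(end + "I", elf, ph)[0] != PT_DYNAMIC:
            continue
        off, size = (struct.unpack_from(end + word, elf, ph + o)[0]
                     for o in ((8, 32) if is64 else (4, 16)))
        fmt, step = (end + "qQ", 16) if is64 else (end + "iI", 8)
        tags = set()
        # Clamp to the file size so an oversized p_filesz cannot cause a bad read.
        for pos in range(off, min(off + size, len(elf)) - step + 1, step):
            tag = struct.unpack_from(fmt, elf, pos)[0]
            if tag == DT_NULL:
                break
            tags.add(tag)
        return tags
    return set()

def version_status(elf):
    """Classify a shared object by what its dynamic section offers dependents."""
    tags = dynamic_tags(elf)
    if DT_VERDEF in tags:
        return "defines versions"
    if DT_SONAME in tags:
        return "soname only, no version definitions"
    return "no soname, no version definitions"

def build_sample(tags):
    """Constructed input: minimal little-endian ELF32 image with one PT_DYNAMIC."""
    dyn = b"".join(struct.pack("<iI", t, 0) for t in list(tags) + [DT_NULL])
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", b"\x7fELF\x01\x01\x01", 3, 3, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_DYNAMIC, 84, 84, 84, len(dyn), len(dyn), 6, 4)
    return ehdr + phdr + dyn
```

Pass the bytes of a real library to `version_status` to check it. With GNU ld, version definitions are produced by linking with a version script (`-Wl,--version-script=FILE`).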


