Bug 664863 - py-xmlsec misconstrues CFLAGS from xmlsec on 64 bit platforms
Summary: py-xmlsec misconstrues CFLAGS from xmlsec on 64 bit platforms
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: pyxmlsec
Version: 14
Hardware: x86_64
OS: Linux
low
medium
Target Milestone: ---
Assignee: Lubomir Rintel
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-12-21 22:44 UTC by Dan Young
Modified: 2011-02-14 20:31 UTC (History)
2 users (show)

Fixed In Version: pyxmlsec-0.3.0-8.fc14
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-02-14 20:31:26 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
CFLAGS setup.py patch (543 bytes, patch)
2010-12-21 22:44 UTC, Dan Young 		no flags Details | Diff
View All

Description Dan Young 2010-12-21 22:44:12 UTC 
Created attachment 470093 [details]
CFLAGS setup.py patch

Description of problem:
This is largely copied from this bug filed in the FreeBSD bug tracker:
http://www.freebsd.org/cgi/query-pr.cgi?pr=127616

py-xmlsec uses pkg-config to retrieve the CFLAGS required for compiling against libxmlsec1. It then marshalls them into an array for distutils.core.Extension to build and install the python module.

However, it has a bug where by py-xmlsec's setup.py reads in a CFLAG define present on 64bit configurations of xmlsec1, which is only specified as "-DXMLSEC_NO_SIZE_T" by xmlsec1's pkg-config. It passes this to distutils as the tuple '(XMLSEC_NO_SIZE_T)', which is interpreted by distutils as being a CFLAG undefine, and is passed into the build phase as "-UXMLSEC_NO_SIZE_T". This causes missized structures to be passed between the two, leading very quickly to a seg fault.

Version-Release number of selected component (if applicable):
0.3.0-7

How reproducible:
Always.

Steps to Reproduce:
1. python
2. import xmlsec
3. print xmlsec.keyDataRsaId().getName()"
  
Actual results:
Segmentation fault (core dumped)

Expected results:
rsa

Additional info:
Here's the upstream bug, though it appears this project has languished for some time now, as it's still open a year after it was submitted:
https://labs.libre-entreprise.org/tracker/index.php?func=detail&aid=1920&group_id=17&atid=149

Also, this bug appears to manifest in the EPEL5 package as well. 

I can confirm that the patch from the FreeBSD bug tracker fixes this. I've attached it without the part where the strip out the GnuTLS and NSS crypto options.
Comment 1 Dan Young 2011-01-26 00:00:59 UTC 
Ping?
Comment 2 Fedora Update System 2011-02-02 23:08:11 UTC 
pyxmlsec-0.3.0-8.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/pyxmlsec-0.3.0-8.fc14
Comment 3 Fedora Update System 2011-02-03 20:26:44 UTC 
pyxmlsec-0.3.0-8.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update pyxmlsec'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/pyxmlsec-0.3.0-8.fc14
Comment 4 Fedora Update System 2011-02-14 20:31:20 UTC 
pyxmlsec-0.3.0-8.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.