Bug 978872 - stdsoap2.h: struct soap should match exactly with what libgsoap uses
stdsoap2.h: struct soap should match exactly with what libgsoap uses
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: gsoap (Show other bugs)
20
All Linux
unspecified Severity medium
: ---
: ---
Assigned To: Mattias Ellert
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-27 05:12 EDT by Dennis van Dok
Modified: 2013-11-10 01:16 EST (History)
2 users (show)

See Also:
Fixed In Version: gsoap-2.8.12-4.fc20
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-10-26 23:53:42 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Debian BTS 712685 None None None Never

  None (edit)
Description Dennis van Dok 2013-06-27 05:12:37 EDT
Description of problem:

gsoap installs stdsoap2.h (it is in package gsoap-devel), with no changes
from the sources. This file contains many #ifdef ... #endif constructs
to select features.

This file is used at build time of libgsoap.so; one of the datastructures
in this library is called struct SOAP_STD_API soap. Depending on the use of
the WITH_IPV6 flag, the size of one of its fields differs:

#ifdef WITH_IPV6
  struct sockaddr_storage peer;	/* IPv6: set by soap_accept and by UDP recv */
#else
  struct sockaddr_in peer;	/* IPv4: set by soap_connect/soap_accept and by UDP recv */
#endif

Applications that build and link to libgsoap *must* match this choice exactly,
at the risk of misaligning the fields of struct soap which could result in
crashes. This also leads to potential security vulnerabilities. It is particulary
unsafe to forget -DWITH_IPV6 when building against libgsoap.so.

The choices for libgsoap are recorded in the pkgconfig files
(gsoap.pc), but rather than relying on pkgconfig, it would seem safer
to install a version of stdsoap2.h that fixes all such choices
according to what was chosen for libgsoap.so.

How reproducible:

Easy

Steps to Reproduce:
1. build any application linking against libgsoap.so, without using -DWITH_IPV6
2. run and crash


Additional info:

I think that this could be addressed upstream.
Comment 1 Fedora End Of Life 2013-09-16 10:16:56 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 20 development cycle.
Changing version to '20'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora20
Comment 2 Fedora Update System 2013-10-17 02:50:57 EDT
gsoap-2.7.16-4.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/gsoap-2.7.16-4.el6
Comment 3 Fedora Update System 2013-10-17 02:51:08 EDT
gsoap-2.8.12-4.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/gsoap-2.8.12-4.fc20
Comment 4 Fedora Update System 2013-10-17 02:51:18 EDT
gsoap-2.8.12-4.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/gsoap-2.8.12-4.fc19
Comment 5 Fedora Update System 2013-10-17 02:51:30 EDT
gsoap-2.7.13-5.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/gsoap-2.7.13-5.el5
Comment 6 Fedora Update System 2013-10-17 14:03:36 EDT
Package gsoap-2.7.13-5.el5:
* should fix your issue,
* was pushed to the Fedora EPEL 5 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=epel-testing gsoap-2.7.13-5.el5'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-11849/gsoap-2.7.13-5.el5
then log in and leave karma (feedback).
Comment 7 Fedora Update System 2013-10-26 23:53:42 EDT
gsoap-2.8.12-4.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2013-10-27 01:37:55 EDT
gsoap-2.8.12-4.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2013-11-01 17:06:05 EDT
gsoap-2.7.13-5.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2013-11-01 17:10:59 EDT
gsoap-2.7.16-4.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Fedora Update System 2013-11-10 01:16:09 EST
gsoap-2.8.12-4.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.