[SRU] weex crash/core dumps under Ubuntu 18.04 LTS.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
weex (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Incomplete
|
Medium
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[ Impact ]
weex is completely unusable in Focal as it will always segfault if any user tries to run the application.
The problem was caused in '2.8.3ubuntu2' when it was rebuilt for openssl1.1. The configure script is checking for SSL_library_init() in libssl.so to determine if openssl is available or not. But SSL_library_init() was deprecated in openssl1.1 and so the package even though it was rebuilt just silently dropped the openssl support.
As a result when 'weex' tried to connect to a ftp host, it tried to use a NULL pointer when it was trying to check if the host uses ssl or not.
[ Test Plan ]
* setup a ftp server
- I have used vsftpd for this test. And the default configuration file is enough for this test.
* Install weex
* create the conf file at ~/.weex/weexrc
* The following is enough for this test:
[local]
HostName = 127.0.0.1
SrcDir = <srcdir>
DestDir = /ftp
[default]
LoginName = <user>
Password = <password>
* Replace SrcDir, LoginName and Password as appropriate for the system on which its tested.
* execute 'weex local'
[ Where problems could occur ]
* This is an upstream change and was fixed in v2.8.4. None of the actual code is changed and is only using openssl1.1 correctly while building. And, so it should not affect user experience.
[ Other Info ]
* Only Focal is affected, all versions from Jammy are fixed as they have v2.8.4.
* imho, the code is wrong. The configure scipt is checking for openssl and then defining USE_SSL if it finds libssl. So, if USE_SSL is not defined then the pointer 'host_use_SSL' is never initialized. But even then the code is trying to use that pointer.
* This is actually (re)introducing SSL support back into the package,
which was not available at Focal release, so this could be seen as
a feature.
However, considering the lack of SSL breaks the *non-SSL* FTP case
(no guard in ftp_connect()) this could also be considered a bug-fix,
as the package only has FTP (non-SSL) and SFTP (SSL) functionality.
Perhaps fixing the SSL guards properly to prevent the segfault in
non-SSL FTP mode is the minimal/actual bug-fix, but then there is
little left for this package (and its docs/man would need updates).
[ Original Bug Description ]
Weex systematically crash under Ubuntu 18.04 LTS. I have no clue why.
$ weex website
Connect : ftp.somesite.com
Segmentation fault (core dumped)
$
tags: | added: bionic |
Changed in weex (Ubuntu Focal): | |
status: | Incomplete → In Progress |
Changed in weex (Ubuntu Jammy): | |
status: | New → Fix Released |
Changed in weex (Ubuntu Focal): | |
importance: | Undecided → Medium |
tags: |
added: verification-failed verification-failed-focal removed: verification-needed verification-needed-focal |
The following worked for me:
Download the source from Sourceforge: https:/ /sourceforge. net/projects/ weex/files/ weex/
Copy config.guess into the build directory, for example from /usr/share/ automake- 1.15/config. guess.
Change line 36 of configure.in to
AC_CHECK_ LIB([ssl] ,[SSL_connect] ,
and run
autoconf configure.in > configure
automake --add-missing
autoreconf -vf
./configure
make
sudo make install
Now there is a /usr/local/bin/weex that doesn't crash.