Package: libsasl2 Version: 2.1.22.dfsg1-8 Severity: important Tags: patch When working on NuFW (http://www.nufw.org), I've encounter some weird crash when calling sasl_dispose. The problem was in fact a logic problem in sasl_set_mutex.
NuFW uses sasl and libldap_r. NuFW has to do a call to sasl_set_mutex because it is multithreaded. One of the NuFW module uses libldap_r which also does a call to sasl_set_mutex. By doing this, we run into a problem because sasl_MUTEX_* function change during run time. Thus we can allocate a mutex with NuFW function and destroy it with libldap_r function. This lead to a crash in almost all cases. This problem occurs in NuFW but will occur with any application using SASL and a library using SASL. IMHO, the only clean workaround is to modify sasl_set_mutex(): it should not be run twice in the same program. I attach a simple patch which implement this behaviour. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-028stab053 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages libsasl2 depends on: ii libsasl2-2 2.1.22.dfsg1-8 Authentication abstraction library libsasl2 recommends no packages. -- no debconf information
0016_sasl_set_mutex.dpatch
Description: application/shellscript
