NetBSD Problem Report #46912

From  Thu Sep  6 09:40:20 2012
Return-Path: <>
Received: from ( [])
	by (Postfix) with ESMTP id 0736063B9BC
	for <>; Thu,  6 Sep 2012 09:40:20 +0000 (UTC)
Message-Id: <>
Date: Thu,  6 Sep 2012 11:40:05 +0200 (CEST)
Subject: mysql51-client in 2012Q2 blows up libcrypto
X-Send-Pr-Version: 3.95

>Number:         46912
>Category:       pkg
>Synopsis:       mysql51-client in 2012Q2 blows up libcrypto
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Sep 06 09:45:00 +0000 2012
>Closed-Date:    Tue Jan 08 01:34:46 +0000 2013
>Last-Modified:  Tue Jan 08 01:34:46 +0000 2013
>Originator:     Wolfgang Stukenbrock
>Release:        NetBSD 5.1_STABLE
Dr. Nagler & Company GmbH

System: NetBSD test-s0 4.0 NetBSD 4.0 (NSW-WS) #0: Tue Aug 17 17:28:09 CEST 2010 wgstuken@test-s0:/usr/src/sys/arch/amd64/compile/NSW-WS amd64
Architecture: x86_64
Machine: amd64
	The mysql51-client package from 2012Q2 compiles a file named
	"extra/yassl/taocrypt/src/crypto.cpp" into the library so that
	it will belong to libmysqlclient.a,,
	libmysqlclient_r.a and
	In this file the following overloads for routines from libcrypto
	are defined:
	char CRYPTO_lock() { return 0;}
	char CRYPTO_add_lock() { return 0;}
	char EVP_CIPHER_CTX_init() { return 0; }
	char CRYPTO_mem_ctrl() { return 0; }

	Theese four dummy functions are the only contents of this file.
	If - as in our case - is loaded prior, than theese functions get overwritten resulting
	in a double free-call during engine-initialisation of libcrypto
	resulting in a SEGV.
	This e.g. happens when you try to run bacula directory deamon.
	Just try to use bacula server from 2012Q2 - you will see bacula-dir
	SEGV during startup.
	Do not overload symbols from other libraries in mysql client libs.
	There are two ways to get to this point:
	1. comment out via patch the definitions in that file
	2. avoid compilation of that file in makefile via patch

	remark: I've found the symbols in the following libs in /usr/pkg/lib/mysql:
	It is in libmysqld.a too - so the server build seems to be affected too.

	remark: version 15.0.0 (from 5.0.51b) of the lib does not contain
	these symbols.
	It seems to be a "feature" of mysql 5.1.53 ...


From: "OBATA Akio" <>
Subject: Re: pkg/46912: mysql51-client in 2012Q2 blows up libcrypto
Date: Wed, 12 Sep 2012 21:45:22 +0900

 Followings may be related to this issue.

 In databases/mysql51-client/

 CONFIGURE_ARGS+=	--with-ssl=yes

 It will result in unwanted behavior, selecting bundled yaSSL
 instead of external OpenSSL whereas buildinking it.
 Its option variable must be the location of OpenSSL

 This change may require recursive PKGREVISION bump,
 because libraries from mysql51 will change its ABI.

 And, it means mysql51 from pkgsrc is using bundled yaSSL now,
 so re-evaluation of yaSSL related vulnerability reports may be required.

 OBATA Akio /

From: "OBATA Akio" <>
Subject: PR/46912 CVS commit: pkgsrc/databases
Date: Sat, 15 Sep 2012 14:48:58 +0000

 Module Name:	pkgsrc
 Committed By:	obache
 Date:		Sat Sep 15 14:48:58 UTC 2012

 Modified Files:
 	pkgsrc/databases/mysql51-client: Makefile.common distinfo
 	pkgsrc/databases/mysql51-server: PLIST distinfo

 Log Message:
 Update mysql51 to 5.1.65.

 While here, let to use OpenSSL instead of internal yaSSL with ssl option,
 may related to PR 46912.

 Changes in MySQL 5.1.65 (2012-08-09)

 Functionality Added or Changed

 * Important Change: The YEAR(2) data type is now deprecated because it is
   problematic. Support for YEAR(2) will be removed in a future release of MySQL.
   For more information, see Section 11.3.4, "YEAR(2) Limitations and Migrating
   to YEAR(4)".

 Bugs Fixed

  * The server did not build with gcc 4.7. (Bug #14238406)

 Changes in MySQL 5.1.64 (Not released)

 Functionality Added or Changed

 * Important Change: Replication: The SHOW BINARY LOGS statement (and its
   equivalent SHOW MASTER LOGS) may now be executed by a user with the
   REPLICATION CLIENT privilege. (Formerly, the SUPER privilege was necessary to
   use either form of this statement.)

 To generate a diff of this commit:
 cvs rdiff -u -r1.25 -r1.26 pkgsrc/databases/mysql51-client/Makefile.common
 cvs rdiff -u -r1.22 -r1.23 pkgsrc/databases/mysql51-client/distinfo
 cvs rdiff -u -r1.4 -r1.5 pkgsrc/databases/mysql51-client/
 cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/mysql51-server/PLIST
 cvs rdiff -u -r1.25 -r1.26 pkgsrc/databases/mysql51-server/distinfo

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->feedback
State-Changed-When: Mon, 31 Dec 2012 14:33:37 +0000
fixed for you?

From: Wolfgang Stukenbrock <>
Subject: Re: pkg/46912 (mysql51-client in 2012Q2 blows up libcrypto)
Date: Mon, 07 Jan 2013 18:03:29 +0100


 I've added the changes to a fresh pkgsrc-2012Q2 version.
 It compiles without problems on netbsd 5.1.2 and seems to use the 
 ssl-lib from /usr/lib.

 I've done no functional test, but I think the ssl-lib on Netbsd should 
 work. At least mysql starts and can connect to a remote server.

 I think you can close this report.

 best regards

 W. Stukenbrock wrote:

 > Synopsis: mysql51-client in 2012Q2 blows up libcrypto
 > State-Changed-From-To: open->feedback
 > State-Changed-By:
 > State-Changed-When: Mon, 31 Dec 2012 14:33:37 +0000
 > State-Changed-Why:
 > fixed for you?

State-Changed-From-To: feedback->closed
State-Changed-When: Tue, 08 Jan 2013 01:34:46 +0000
Confirmed fixed.  Thanks!


NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD:,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.