Hello, On 2021-05-18 11:51, Jan Engelhardt wrote:
On Tuesday 2021-05-18 10:45, Simon Lees wrote:
The warning means, that the library exists the program
... Its also worth noting that in some cases upstream has a really good reason for this (or the error is incorrect) and in such cases you can continue to ignore the warning (this is why its a warning not an error).
Unless a library uses fork() to make some new processes, I can't really see an excuse for "exit".
At minimum, that should be an abort.
I think things depend on how that rpmlint test is implemented. The rpmlint message was (long line wrapped) --------------------------------------------------------------------- RPMLINT report: bamtools.x86_64: W: shared-lib-calls-exit /usr/lib64/libbamtools.so.2.5.1 exit@GLIBC_2.2.5 --------------------------------------------------------------------- so it looks as if the rpmlint test inspects the compiled library /usr/lib64/libbamtools.so.2.5.1 If the rpmlint test inspects the compiled library and finds that it calls exit or abort then both behave malicious in the same way for end-users because for the user the program just gets "killed" without any chance to get a meaningful (error) message. According to "man 3 abort" it seems abort is even more "brutal" than exit because "starting with glibc 2.27, abort() terminates the process without flushing streams". In contrast if the rpmlint test inspects the source code and finds that the library calls exit or abort then it could be false alarm when those calls get compiled only when some special use case is configured (e.g. via "configure --with-assertions" or similar) that is only meant to be used e.g. by software developers but not in normal end-user environments. Simply put: In normal environments library calls must not terminate the caller. Kind Regards Johannes Meixner -- SUSE Software Solutions Germany GmbH Maxfeldstr. 5 - 90409 Nuernberg - Germany (HRB 36809, AG Nuernberg) GF: Felix Imendoerffer