Package: libopenjp2-tools Version: 2.1.0-2.1 Severity: important Tags: security
Dear Maintainer, I've found a sample crashing opj_dump. I can provide it privately, but I'm not attaching it here, because I don't think that making it public before the issue is fixed would be a good idea. Backtrace: $ gdb --batch -ex r -ex bt -ex q --args opj_dump -i id_e71ebe2fa4e87ee3b41c505706031b3b940f3f98.jp2 [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x00007ffff77a0574 in opj_read_bytes_LE (p_buffer=p_buffer@entry=0x100614b82 <error: Cannot access memory at address 0x100614b82>, p_value=p_value@entry=0x7fffffff7130, p_nb_bytes=p_nb_bytes@entry=4) at /home/nirgal/openjpeg2-2.1.0/src/lib/openjp2/cio.c:87 87 /home/nirgal/openjpeg2-2.1.0/src/lib/openjp2/cio.c: No such file or directory. #0 0x00007ffff77a0574 in opj_read_bytes_LE (p_buffer=p_buffer@entry=0x100614b82 <error: Cannot access memory at address 0x100614b82>, p_value=p_value@entry=0x7fffffff7130, p_nb_bytes=p_nb_bytes@entry=4) at /home/nirgal/openjpeg2-2.1.0/src/lib/openjp2/cio.c:87 #1 0x00007ffff77b19b0 in opj_jp2_read_boxhdr_char (p_manager=0x612358, p_box_max_size=35, p_number_bytes_read=<synthetic pointer>, p_data=0x100614b82 <error: Cannot access memory at address 0x100614b82>, box=<synthetic pointer>) at /home/nirgal/openjpeg2-2.1.0/src/lib/openjp2/jp2.c:2230 #2 opj_jp2_read_jp2h (jp2=0x6123b0, p_header_data=0x100614b82 <error: Cannot access memory at address 0x100614b82>, p_header_size=35, p_manager=0x612358) at /home/nirgal/openjpeg2-2.1.0/src/lib/openjp2/jp2.c:2177 #3 0x00007ffff77b2b51 in opj_jp2_read_header_procedure (jp2=0x6123b0, stream=0x612280, p_manager=0x612358) at /home/nirgal/openjpeg2-2.1.0/src/lib/openjp2/jp2.c:1866 #4 0x00007ffff77b2da4 in opj_jp2_exec (jp2=jp2@entry=0x6123b0, p_procedure_list=0x614b00, stream=stream@entry=0x612280, p_manager=p_manager@entry=0x612358) at /home/nirgal/openjpeg2-2.1.0/src/lib/openjp2/jp2.c:1917 #5 0x00007ffff77b55f2 in opj_jp2_read_header (p_stream=0x612280, jp2=0x6123b0, p_image=0x7fffffff72c8, p_manager=0x612358) at /home/nirgal/openjpeg2-2.1.0/src/lib/openjp2/jp2.c:2299 #6 0x000000000040320c in main (argc=0, argv=0x612300) at /home/nirgal/openjpeg2-2.1.0/src/bin/jp2/opj_dump.c:547 A debugging session is active. Inferior 1 [process 4091] will be killed. Quit anyway? (y or n) [answered Y; input not from terminal] Best regards, Andreas -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.3.0-rc5-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) Shell: /bin/sh linked to /bin/dash Init: unable to detect Versions of packages libopenjp2-tools depends on: ii libc6 2.19-22 ii liblcms2-2 2.6-3+b3 ii libopenjp2-7 2.1.0-2.1 ii libpng12-0 1.2.50-2+b2 ii libtiff5 4.0.5-1 ii zlib1g 1:1.2.8.dfsg-2+b1 libopenjp2-tools recommends no packages. libopenjp2-tools suggests no packages. -- no debconf information