Source: libextractor Version: 1:1.10-1 Severity: normal X-Debbugs-Cc: Control: affects -1 libgsf-1-114
Hi, I'm not certain whether the bug is in libextractor or libgsf, or whether AppArmor really is the culprit, so please reassign if you can narrow down the blame. This issue can be reproduced with extract but also affected my libextractor application: $ extract -V /usr/share/info/debian-policy.info.gz Keywords for file /usr/share/info/debian-policy.info.gz: ** (process:264298): CRITICAL **: 20:36:23.070: gsf_input_set_size: assertion 'size >= 0' failed mimetype - application/octet-stream However things are jolly if done in-process: $ extract -V -i /usr/share/info/debian-policy.info.gz Keywords for file /usr/share/info/debian-policy.info.gz: mimetype - application/octet-stream dmesg looks like this: [123999.226691] audit: type=1400 audit(1602895069.349:1254): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name="libextractor" pid=264373 comm="extract" I'll follow up should I find it's not coincidental (it pertains to a different library), but when using libextract I kept noticing a segfault right after the AppArmor denial: [123474.446830] audit: type=1400 audit(1602894544.570:1042): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name="libextractor" pid=263803 comm="a.out" [123474.505462] a.out[263803]: segfault at 18 ip 00007f5ea5867a7c sp 00007ffe0bc50f70 error 4 in libavcodec.so.58.91.100[7f5ea5353000+9c1000] - -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (2, 'unstable'), (1, 'testing-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.8.0-2-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_USER, TAINT_WARN, TAINT_FIRMWARE_WORKAROUND Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
signature.asc
Description: This is a digitally signed message part.
