Mageia Bugzilla – Attachment 7384 Details for
Bug 16629
jasper new security issue CVE-2016-1867
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
Information from upstream tests.
readme.txt (text/plain), 1.10 KB, created by
Len Lawrence
on 2016-01-28 19:29:52 CET
(
hide
)
Description:
Information from upstream tests.
Filename:
MIME Type:
Creator:
Len Lawrence
Created:
2016-01-28 19:29:52 CET
Size:
1.10 KB
patch
obsolete
>Starting program: /home/r/fuzz/jasper-1.900.1/jasper-1.900.1-31.fc23.src/jasper-1.900.1/src/appl/jasper -f ./jasper_poc/poc.jp2 -F temp.bmp -t jp2 -T bmp >warning: trailing garbage in marker segment (6 bytes) > >Program received signal SIGSEGV, Segmentation fault. >jpc_pi_nextcprl (pi=0x80a4ab0) at jpc_t2cod.c:435 >435 pi->xstep = pi->picomp->hsamp * (1 << (pirlvl->prcwidthexpn + >(gdb) bt >#0 jpc_pi_nextcprl (pi=0x80a4ab0) at jpc_t2cod.c:435 >#1 jpc_pi_next (pi=pi@entry=0x80a4ab0) at jpc_t2cod.c:125 >#2 0x08062d85 in jpc_dec_decodepkts (dec=dec@entry=0x809a5b8, > pkthdrstream=0x8096308, in=0x8096308) at jpc_t2dec.c:441 >#3 0x0806202a in jpc_dec_process_sod (dec=0x809a5b8, ms=0x0) at jpc_dec.c:591 >#4 0x0806158d in jpc_dec_decode (dec=0x809a5b8) at jpc_dec.c:390 >#5 jpc_decode (in=in@entry=0x8096308, optstr=optstr@entry=0x0) > at jpc_dec.c:254 >#6 0x08056627 in jp2_decode (in=0x8096308, optstr=0x0) at jp2_dec.c:215 >#7 0x08051a28 in jas_image_decode (in=in@entry=0x8096308, > fmt=<optimized out>, optstr=0x0) at jas_image.c:379 >#8 0x08048f19 in main (argc=9, argv=0xbffff094) at jasper.c:229
Starting program: /home/r/fuzz/jasper-1.900.1/jasper-1.900.1-31.fc23.src/jasper-1.900.1/src/appl/jasper -f ./jasper_poc/poc.jp2 -F temp.bmp -t jp2 -T bmp warning: trailing garbage in marker segment (6 bytes) Program received signal SIGSEGV, Segmentation fault. jpc_pi_nextcprl (pi=0x80a4ab0) at jpc_t2cod.c:435 435 pi->xstep = pi->picomp->hsamp * (1 << (pirlvl->prcwidthexpn + (gdb) bt #0 jpc_pi_nextcprl (pi=0x80a4ab0) at jpc_t2cod.c:435 #1 jpc_pi_next (pi=pi@entry=0x80a4ab0) at jpc_t2cod.c:125 #2 0x08062d85 in jpc_dec_decodepkts (dec=dec@entry=0x809a5b8, pkthdrstream=0x8096308, in=0x8096308) at jpc_t2dec.c:441 #3 0x0806202a in jpc_dec_process_sod (dec=0x809a5b8, ms=0x0) at jpc_dec.c:591 #4 0x0806158d in jpc_dec_decode (dec=0x809a5b8) at jpc_dec.c:390 #5 jpc_decode (in=in@entry=0x8096308, optstr=optstr@entry=0x0) at jpc_dec.c:254 #6 0x08056627 in jp2_decode (in=0x8096308, optstr=0x0) at jp2_dec.c:215 #7 0x08051a28 in jas_image_decode (in=in@entry=0x8096308, fmt=<optimized out>, optstr=0x0) at jas_image.c:379 #8 0x08048f19 in main (argc=9, argv=0xbffff094) at jasper.c:229
View Attachment As Raw
Actions:
View
Attachments on
bug 16629
:
7383
| 7384