[Pkg-gmagick-im-team] Bug#619134: Bug#619134: /usr/bin/display: Bus Error on EIO
roucaries bastien
roucaries.bastien+debian at gmail.com
Mon Mar 21 15:38:38 UTC 2011
On Mon, Mar 21, 2011 at 4:34 PM, Meelis Roos <mroos at linux.ee> wrote:
>> > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)= 0x7feea7df3000
>> > read(4, 0x7feea7df3000, 2048) = -1 EIO (Input/output error)
>> > lseek(4, 0, SEEK_SET) = 0
>> > mmap(NULL, 8206, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7feea7df0000
>> > close(4) = 0
>> > munmap(0x7feea7df3000, 4096) = 0
>> > --- SIGBUS (Bus error) @ 0 (0) ---
>> > +++ killed by SIGBUS +++
>>
>> SIGBUS after mumap an EIO file is not a imagemagick problem.
>>
>> see http://linux.die.net/man/2/mmap and also
>> http://mail.gnome.org/archives/mc-devel/2001-September/msg00104.html
>
> Umm, yes, of course this is documented behaviour of mmap. But accessing
> the mmaped region after close and munmap is where I see the bug here.
> Use-after-free of sort. Am I wrong with this?
No it is not. Close release the file handle, mumap release the memory handle.
try to open a file, mmap close it, and read mmap area you will see
that you could still write to it.
Bastien
> --
> Meelis Roos (mroos at linux.ee)
>
More information about the Pkg-gmagick-im-team
mailing list