[Pkg-libburnia-devel] Bug#872761: libisofs6: stack overflow in iso_file_source_new_ifs()

Jakub Wilk jwilk at jwilk.net
Sun Aug 20 21:40:22 UTC 2017 

Package: libisofs6
Version: 1.4.6-1

xorriso crashes on the attached ISO image:

   $ xorriso -indev stackoverflow.iso -ls
   xorriso 1.4.6 : RockRidge filesystem manipulator, libburnia project.

   libisoburn: WARNING : ISO image size 808464432s larger than readable size 20s
   xorriso : NOTE : Loading ISO image tree from LBA 0
   Segmentation fault

This seems to be caused by infinite recursion in iso_file_source_new_ifs(), 
which overflows the stack.

Backtrace:

   #0  0xf7d98e70 in susp_iter_new (src=0x56559cc0, record=0x5a830658, len_skp=0 '\000', msgid=1048576) at libisofs/rockridge_read.c:53
   #1  0xf7d74f8d in iso_file_source_new_ifs (fs=fs at entry=0x5655a380, record=record at entry=0x5a830658, src=src at entry=0xffffd1ec, flag=0, parent=0x0) at libisofs/fs_image.c:1579
   #2  0xf7d74cb6 in iso_file_source_new_ifs (fs=fs at entry=0x5655a380, record=record at entry=0x5a82fe40, src=src at entry=0xffffd1ec, flag=0, parent=0x0) at libisofs/fs_image.c:1982
   #3  0xf7d74cb6 in iso_file_source_new_ifs (fs=fs at entry=0x5655a380, record=record at entry=0x5a82f628, src=src at entry=0xffffd1ec, flag=0, parent=0x0) at libisofs/fs_image.c:1982
   ...
   #32751 0xf7d74cb6 in iso_file_source_new_ifs (fs=fs at entry=0x5655a380, record=record at entry=0x56779da8, src=src at entry=0xffffd1ec, flag=0, parent=0x0) at libisofs/fs_image.c:1982
   #32752 0xf7d74cb6 in iso_file_source_new_ifs (fs=fs at entry=0x5655a380, record=record at entry=0x567795a0, src=src at entry=0xffffd1ec, flag=0, parent=0x0) at libisofs/fs_image.c:1982
   #32753 0xf7d74cb6 in iso_file_source_new_ifs (fs=fs at entry=0x5655a380, record=record at entry=0x5676fd08, src=src at entry=0xffffd1ec, flag=1, parent=0x0) at libisofs/fs_image.c:1982
   #32754 0xf7d75ec2 in ifs_get_root (fs=0x5655a380, root=0xffffd1ec) at libisofs/fs_image.c:2140
   #32755 0xf7d7d965 in iso_image_import (image=0x5656e8e0, src=0x56559cc0, opts=0x56559c88, features=0xffffd344) at libisofs/fs_image.c:5736
   #32756 0xf7e004e7 in isoburn_read_image (d=0xf7ce91a0 <drive_array>, read_opts=0x56559b40, image=0xffffd3ec) at libisoburn/isofs_wrap.c:316
   #32757 0xf7e61707 in Xorriso_aquire_drive (xorriso=0xf769c008, adr=<optimized out>, show_adr=<optimized out>, flag=1) at xorriso/drive_mgt.c:565
   #32758 0xf7e439a9 in Xorriso_option_dev (xorriso=0xf769c008, in_adr=<optimized out>, flag=1) at xorriso/opts_d_h.c:122
   #32759 0xf7e35925 in Xorriso_interpreter (xorriso=<optimized out>, argc=<optimized out>, argv=<optimized out>, idx=<optimized out>, flag=<optimized out>) at xorriso/parse_exec.c:1389
   #32760 0x56555ba7 in main (argc=4, argv=<optimized out>) at xorriso/xorriso_main.c:265


-- System Information:
Architecture: i386

Versions of packages libisofs6 depends on:
ii  libacl1  2.2.52-3+b1
ii  libc6    2.24-14
ii  libjte1  1.20-2+b1
ii  zlib1g   1:1.2.8.dfsg-5

-- 
Jakub Wilk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stackoverflow.iso.gz
Type: application/gzip
Size: 293 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-libburnia-devel/attachments/20170820/3ab69de6/attachment.bin>

More information about the Pkg-libburnia-devel mailing list