[Pkg-phototools-devel] Bug#773968: feh hangs on invalid bmp images

Jussi Judin jjudin+debian at iki.fi
Fri Dec 26 11:01:23 UTC 2014


Package: feh
Version: 2.12-1
Severity: normal

Feh hangs in an infinite loop when given invalid bmp images in
a mode that should help determine if the image can be displayed (-U
command line argument). I ran feh on afl[1]-generated image test
sets[2] to figure out if any specific images cause problems for
feh. If you try feh with the following command line parameters on the
attached images (after extracting them from a tarball), you should see
timeouts:

$ for image in *.bmp; do echo "$image"; timeout -s KILL 10s feh -U "$image"; done
id:000774,src:000207,op:arith8,pos:22,val:-28.bmp
Killed
id:000784,src:000207,op:havoc,rep:32.bmp
Killed
id:000787,src:000207,op:havoc,rep:16,+cov.bmp
Killed
id:000955,src:000787,op:flip2,pos:28.bmp
Killed
id:000972,src:000800,op:flip1,pos:60,+cov.bmp
Killed
id:000984,src:000800,op:havoc,rep:32.bmp
Killed
id:001091,src:000972,op:flip2,pos:18.bmp
Killed
id:001092,src:000972,op:arith8,pos:22,val:-25.bmp
Killed
id:001093,src:000972,op:arith8,pos:22,val:-29.bmp
Killed
id:001097,src:000980,op:arith8,pos:18,val:-3.bmp
Killed
id:001154,src:001098,op:flip1,pos:172.bmp
Killed
id:001155,src:001098,op:flip1,pos:172.bmp
Killed
id:001157,src:001098,op:havoc,rep:4.bmp
Killed
id:001159,src:001098,op:havoc,rep:4.bmp
Killed
id:001263,src:001155,op:flip1,pos:178.bmp
Killed
id:001264,src:001155,op:int32,pos:177,val:+1024,+cov.bmp
Killed

Attached a tarball that includes all BMP images generated by afl that
cause an infinite loop in feh.

[1]: American fuzzy lop - a security-oriented fuzzer:
     http://lcamtuf.coredump.cx/afl/
[2]: Afl-generated, minimized image test sets:
     http://lcamtuf.coredump.cx/afl/demo/

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing'), (100, 'unstable'), (99, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages feh depends on:
ii  libc6         2.19-13
ii  libcurl3      7.38.0-3
ii  libexif12     0.6.21-2
ii  libimlib2     1.4.6-2+b3
ii  libpng12-0    1.2.50-2+b2
ii  libx11-6      2:1.6.2-3
ii  libxinerama1  2:1.1.3-1+b1

Versions of packages feh recommends:
ii  libjpeg-progs  1:9a-2

feh suggests no packages.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: afl-hanging-bmp-images.tar.gz
Type: application/gzip
Size: 1421 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-phototools-devel/attachments/20141226/4f2791f5/attachment.bin>
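
Added example, not part of the original report: a POSIX shell harness that generalizes the loop above by classifying each sample's exit status (clean exit, hang, crash, rejected) instead of only printing "Killed". The function names, the one-second limit and the stand-in viewer script inside demo are assumptions constructed for illustration; for the report's case the call would be `triage 10 . feh -U`.

```shell
#!/bin/sh
# Added example (not from the report). Usage: triage LIMIT_SECONDS DIR CMD [ARGS...]

# Map an exit status, as seen by the calling shell, to a triage label.
classify_status() {
    case "$1" in
        0) echo ok ;;
        # 137 = 128+9 (SIGKILL), what `timeout -s KILL` yields; 124 is timeout's
        # status with its default TERM. An OOM kill also shows up as 137.
        124|137) echo hang ;;
        *) if [ "$1" -gt 128 ]; then echo "crash(signal $(($1 - 128)))"
           else echo "rejected($1)"; fi ;;
    esac
}

# Run CMD on every *.bmp in DIR under a hard time limit; print "label<TAB>file".
triage() {
    limit=$1; dir=$2; shift 2
    for f in "$dir"/*.bmp; do
        [ -e "$f" ] || continue
        status=0
        timeout -s KILL "$limit" "$@" "$f" >/dev/null 2>&1 || status=$?
        printf '%s\t%s\n' "$(classify_status "$status")" "${f##*/}"
    done
}

# Constructed demo: a stand-in viewer script (hypothetical, not feh) that loops
# forever on files starting with HANG, exits 2 on BAD, and exits 0 otherwise.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/viewer" <<'EOF'
read -r tag < "$1"
case "$tag" in
    HANG*) while :; do sleep 1; done ;;
    BAD*)  exit 2 ;;
esac
exit 0
EOF
    echo OK   > "$d/a-good.bmp"
    echo HANG > "$d/b-loop.bmp"
    echo BAD  > "$d/c-bad.bmp"
    triage 1 "$d" sh "$d/viewer"
    rm -rf "$d"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Sorting the output on the first column groups the hanging samples, which can then be kept as regression inputs once the bug is fixed.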

