group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #08281
[Bug 1178402] Re: tracker-extract crashed with signal 5 in g_malloc()
This bug was fixed in the package tracker - 1.6.2-0ubuntu1.1
---------------
tracker (1.6.2-0ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: Integer overflow when skipping over
decoded image data of extremely large or specially
prepared GIF resulting in a program crash (LP: #1178402)
- debian/patches/fix-gif-possible-integer-overflow.patch:
Avoid integer overflow by reading/skipping over image data
line by line in read_metadata in
src/tracker-extract/tracker-extract-gif.c.
-- Nikita Yerenkov-Scott <cooks.go.hungry@xxxxxxxxx> Sun, 09 Oct 2016
16:06:45 +0100
** Changed in: tracker (Ubuntu Xenial)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1178402
Title:
tracker-extract crashed with signal 5 in g_malloc()
Status in Tracker:
Fix Released
Status in Ubuntu GNOME:
In Progress
Status in tracker package in Ubuntu:
Fix Released
Status in tracker source package in Trusty:
Fix Released
Status in tracker source package in Xenial:
Fix Released
Bug description:
* Impact
An integer overflow occurs when tracker-extract comes across an extremely large GIF image or one which is specifically crafted.
* Test case
If for instance this file https://bugzilla.gnome.org/attachment.cgi?id=326198 is saved on a computer tracker-extract will crash when it gets to it unless the patches are applied.
* Regression potential
I have not tested these patches but the fix is in the Yakkety version and I do not experience the crash there and no regressions.
----------------------------------
Original report:
Lock Interface and PC
ProblemType: Crash
DistroRelease: Ubuntu 13.04
Package: tracker-extract 0.16.0-2ubuntu1~ubuntu13.04.1 [origin: LP-PPA-gnome3-team-gnome3]
ProcVersionSignature: Ubuntu 3.8.0-19.30-generic 3.8.8
Uname: Linux 3.8.0-19-generic i686
ApportVersion: 2.9.2-0ubuntu8
Architecture: i386
Date: Thu May 9 16:45:04 2013
ExecutablePath: /usr/lib/tracker/tracker-extract
InstallationDate: Installed on 2013-04-29 (9 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release i386 (20130424)
MarkForUpload: True
ProcCmdline: /usr/lib/tracker/tracker-extract
ProcEnviron:
SHELL=/bin/bash
XDG_RUNTIME_DIR=<set>
PATH=(custom, no user)
LANGUAGE=pt_BR:pt:en
LANG=pt_BR.UTF-8
Signal: 5
SourcePackage: tracker
StacktraceTop:
g_malloc () from /lib/i386-linux-gnu/libglib-2.0.so.0
tracker_extract_get_metadata () from /usr/lib/tracker-0.16/extract-modules/libextract-gif.so
?? ()
?? ()
?? ()
Title: tracker-extract crashed with signal 5 in g_malloc()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
To manage notifications about this bug go to:
https://bugs.launchpad.net/tracker/+bug/1178402/+subscriptions