Your message dated Sun, 26 Jan 2025 15:26:40 -0800
with message-id <20250126152640.043047da@tigre>
and subject line Re: libiso9660-8: segmentation fault
has caused the Debian Bug report #774267,
regarding libiso9660-8: segmentation fault
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
774267: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774267
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libiso9660-8
Version: 0.83-4.2
Usertags: afl
iso-info(1) crashes on the attached (corrupted) ISO image:
$ iso-info -f crash.iso
iso-info version 0.83 i586-pc-linux-gnu
Copyright (c) 2003, 2004, 2005, 2007, 2008, 2011 R. Bernstein
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
__________________________________
ISO 9660 image: crash.iso
Preparer : XORRISO-1.3.2 2013.08.07.110001, LIBISOBURN-1.3.2, LIBISOFS-1.3.2,
LIBBURN-1.3.2
Volume : ISOIMAGE
__________________________________
ISO-9660 Information
++ WARN: from_733: broken byte order
++ WARN: from_733: broken byte order
++ WARN: from_733: broken byte order
++ WARN: from_733: broken byte order
++ WARN: from_733: broken byte order
++ WARN: from_733: broken byte order
++ WARN: from_733: broken byte order
0 /XORRISO-1.3.2 2013.08.07.110001, LIBISOBURN-1.3.2, LIBISOFS-1.3.2,
LIBBURN-1.3.2
0 /XORRISO-1.3.2 2013.08.07.110001, LIBISOBURN-1.3.2, LIBISOFS-1.3.2,
LIBBURN-1.3.2
99 /XORRISO-1.3.2 2013.08.07.110001, LIBISOBURN-1.3.2, LIBISOFS-1.3.2,
LIBBURN-1.3.2
++ WARN: from_733: broken byte order
++ WARN: from_733: broken byte order
++ WARN: from_733: broken byte order
Segmentation fault
Backtrace:
#0 __strcmp_ia32 () at ../sysdeps/i386/i686/multiarch/../strcmp.S:34
#1 0xf7fbb865 in _fs_iso_stat_traverse (p_iso=0x804e028, _root=0x8050218,
splitpath=0x80503b8) at iso9660_fs.c:1125
#2 0xf7fbbc6a in iso9660_ifs_stat (p_iso=0x804e028, psz_path=0x80503e8
"/XORRISO-1.3.2 2013.08.07.110001, LIBISOBURN-1.3.2, LIBISOFS-1.3.2,
LIBBURN-1.3.2/") at iso9660_fs.c:1269
#3 0xf7fbbf36 in iso9660_ifs_readdir (p_iso=0x804e028, psz_path=0x80503e8
"/XORRISO-1.3.2 2013.08.07.110001, LIBISOBURN-1.3.2, LIBISOFS-1.3.2,
LIBBURN-1.3.2/") at iso9660_fs.c:1363
#4 0x0804944e in print_iso9660_recurse (p_iso=0x804e028, psz_path=0x80503e8
"/XORRISO-1.3.2 2013.08.07.110001, LIBISOBURN-1.3.2, LIBISOFS-1.3.2,
LIBBURN-1.3.2/") at iso-info.c:205
#5 0x080497ae in print_iso9660_recurse (p_iso=0x804e028, psz_path=0x804b30c
"/") at iso-info.c:281
#6 0x080497f3 in print_iso9660_fs (iso=0x804e028) at iso-info.c:290
#7 0x08049bba in main (argc=3, argv=0xffffd3d4) at iso-info.c:374
This bug was found using American fuzzy lop:
https://packages.debian.org/experimental/afl
Disclaimer: I don't have spare CPU cycles, so I fuzzed only till the
first crash (which took a few seconds). It's likely that extensive
fuzzing would uncover more interesting crashers. I'd encourage libcdio
maintainers to perform fuzzing with AFL on their own. :-)
-- System Information:
Debian Release: 8.0
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages libiso9660-8 depends on:
ii libc6 2.19-13
ii libcdio13 0.83-4.2
--
Jakub Wilk
--- End Message ---
--- Begin Message ---
No longer reproducible (tested on libcdio-utils 2.1.0-5)
--- End Message ---
