Package: dcraw
Version: 9.27-1+b1
Severity: normal

Dear Maintainer,

Running dcraw-9.27 on the attached input file raises a crash caused by an invalid memory write in canon_rmf_load_raw().

First, below is the GDB log that shows the crash from the dcraw-9.27 binary downloaded with 'apt-get'.

----------------------------------------------------------------------------------------
jason@debian-amd64-stretch:~/dcraw-crashes$ gdb -q dcraw
Reading symbols from dcraw...(no debugging symbols found)...done.
(gdb) run crash-30_00070116
Starting program: /usr/bin/dcraw crash-30_00070116
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x000055555555f4bc in ?? ()
(gdb) x/i $rip
=> 0x55555555f4bc:	mov    %si,(%r8,%rdx,2)
(gdb) info reg r8 rdx rsi
r8             0x7ffe7d583010	140731001352208
rdx            0xffffffffbccf917a	-1127247494
rsi            0xffff	65535
----------------------------------------------------------------------------------------

Since the downloaded binary did not have any symbol information, we downloaded its code and compiled it with AddressSanitizer. While AddressSanitizer failed to identify the root cause of the bug, it reported an invalid memory access error in canon_rmf_load_raw(), as below.

----------------------------------------------------------------------------------------
ASAN:DEADLYSIGNAL
=================================================================
==5095==ERROR: AddressSanitizer: SEGV on unknown address 0x7ffdf45e5af4 (pc 0x000000513322 bp 0x7fffffffda90 sp 0x7fffffffda20 T0)
    #0 0x513321 in canon_rmf_load_raw /home/jason/packages-sanitize/dcraw-9.27/dcraw.c:1999:17
    #1 0x5bc6e6 in main /home/jason/packages-sanitize/dcraw-9.27/dcraw.c:10150:10
    #2 0x7ffff6a3582f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
    #3 0x4196c8 in _start (/home/jason/Chatkey/replay_box/dcraw+0x4196c8)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/jason/packages-sanitize/dcraw-9.27/dcraw.c:1999:17 in canon_rmf_load_raw
==5095==ABORTING
----------------------------------------------------------------------------------------

-- System Information:
Debian Release: 9.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set LC_ALL to default locale: No such file or directory UTF-8), LANGUAGE=en_US:en (charmap=locale: Cannot set LC_ALL to default locale: No such file or directory UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dcraw depends on:
ii  libc6            2.24-11+deb9u3
ii  libjpeg62-turbo  1:1.5.1-2
ii  liblcms2-2       2.8-4

dcraw recommends no packages.

Versions of packages dcraw suggests:
pn  gphoto2  <none>
ii  netpbm   2:10.0-15.3+b2

-- debconf information excluded
crash-30_00070116
Description: Binary data
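
A triage aid added here (not part of the original report and not dcraw's code): it computes where the faulting store `mov %si,(%r8,%rdx,2)` lands, using the register values from the GDB log above, and shows a checked 16-bit store that rejects such an index. The `raster` type and `raster_store` are hypothetical names, and the sample buffer is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Target of `mov %si,(%base,%index,2)`: base + index*2, wrapping mod 2^64
   exactly as the CPU computes it. */
uint64_t store_target(uint64_t base, uint64_t index_reg)
{
    return base + index_reg * 2u;
}

/* Hypothetical 16-bit raster (illustrative names, not dcraw's). */
typedef struct {
    uint16_t *data;
    size_t    count;   /* number of 16-bit elements in data */
} raster;

/* Checked store: 0 on success, -1 when idx falls outside the buffer.
   The signed test comes first so a negative index is never cast to size_t. */
int raster_store(raster *r, int64_t idx, uint16_t v)
{
    if (idx < 0 || (uint64_t)idx >= r->count)
        return -1;
    r->data[idx] = v;
    return 0;
}

int main(void)
{
    /* Register values copied from the GDB log in the report. */
    uint64_t r8 = 0x7ffe7d583010ULL, rdx = 0xffffffffbccf917aULL;
    uint16_t buf[12] = {0};            /* constructed sample buffer */
    raster r = { buf, 12 };

    printf("index  = %lld\n", (long long)(int64_t)rdx);
    printf("target = 0x%llx (base 0x%llx)\n",
           (unsigned long long)store_target(r8, rdx),
           (unsigned long long)r8);
    printf("checked store, logged index: %d\n",
           raster_store(&r, (int64_t)rdx, 0xffff));
    printf("checked store, index 5     : %d\n",
           raster_store(&r, 5, 0xffff));
    return 0;
}
```

The computed target lies about 2 GiB below the base held in r8, which matches an element index that has gone negative rather than one that runs slightly past the end of the buffer.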