** Description changed: Hello, Below is some description about crash, found by dynamic analysis tool Sydr (part of Crusher system) https://www.ispras.ru/en/technologies/sydr/ developed in ISP RAS. + + System Ubuntu 20.04.2 LTS. + Package: libhdf4_4.2.14-1ubuntu1.debian.tar.xz Division by zero: (gdb) r Starting program: /home/fedotoff/hdp-test/hdp-crash/libhdf4-4.2.14/install/bin/hdp dumpsds ./segfault37.hdf Program received signal SIGFPE, Arithmetic exception. 0x00000000004ba4d8 in VSread (vkey=1073741846, buf=0x7ffbf7be4010 "", nelt=2147483647, interlace=0) at vrw.c:276 276 chunk = buf_size / hsize + 1; (gdb) bt #0 0x00000000004ba4d8 in VSread (vkey=1073741846, buf=0x7ffbf7be4010 "", nelt=2147483647, interlace=0) at vrw.c:276 #1 0x0000000000420186 in hdf_read_attrs (xdrs=0x5193a0, handle=0x518330, vg=805306379) at cdf.c:2252 #2 0x0000000000420c34 in hdf_read_vars (xdrs=0x5193a0, handle=0x518330, vg=805306368) at cdf.c:2669 #3 0x00000000004211c8 in hdf_read_xdr_cdf (xdrs=0x5193a0, handlep=0x7fffffffd400) at cdf.c:2899 #4 0x000000000041d8e9 in hdf_xdr_cdf (xdrs=0x5193a0, handlep=0x7fffffffd400) at cdf.c:2973 #5 0x000000000041d3c3 in xdr_cdf (xdrs=0x5193a0, handlep=0x7fffffffd400) at cdf.c:664 #6 0x000000000041d299 in NC_new_cdf (name=0x7fffffffd5a0 "./segfault37.hdf", mode=0) at cdf.c:484 #7 0x00000000004233d6 in NC_open (path=0x7fffffffd5a0 "./segfault37.hdf", mode=0) at file.c:307 #8 0x000000000042353e in ncopen (path=0x7fffffffd5a0 "./segfault37.hdf", mode=0) at file.c:362 #9 0x0000000000429b00 in SDstart (name=0x7fffffffd5a0 "./segfault37.hdf", HDFmode=1) at mfsd.c:378 #10 0x0000000000410cc7 in dsd (dumpsds_opts=0x7fffffffd700, curr_arg=3, argc=3, argv=0x7fffffffdb08) at hdp_sds.c:1218 #11 0x00000000004116d7 in do_dumpsds (curr_arg=2, argc=3, argv=0x7fffffffdb08, help=0) at hdp_sds.c:1454 #12 0x0000000000402950 in main (argc=3, argv=0x7fffffffdb08) at hdp.c:146 (gdb) list 271 272 /* we are bounded above by VDATA_BUFFER_MAX */ 273 buf_size = MIN(total_bytes, VDATA_BUFFER_MAX); 274 275 /* make sure there is at least room for one record in our buffer */ 276 chunk = buf_size / hsize + 1; 277 278 /* get a buffer big enough to hold the values */ 279 Vtbufsize = (size_t)chunk * (size_t)hsize; 280 if (Vtbuf) (gdb) p/x hsize $1 = 0x0 Suggestion for fix: check hsize if it is zero, and set chunk = 1;
** Summary changed: - Hdp for hdf4-tools division by zero + Hdp from hdf4-tools division by zero -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1915417 Title: Hdp from hdf4-tools division by zero To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libhdf4/+bug/1915417/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs