Bug 176632 - Blender 2.41 is out, CVE-2005-4470
Description Luya Tshimbalanga 2005-12-27 20:57:20 EST
Description of problem:
Can someone update Blender to 2.40 and include multilingual support as well?

Comment 1 Ville Skyttä 2006-01-08 04:57:03 EST
Versions before 2.40 also have buffer overflow vulnerabilities:
Comment 2 Jochen Schmitt 2006-01-24 12:18:28 EST

Because I will be the new maintainer of blender, I have created a package for
version 2.40.

Best Regards:

Jochen Schmitt
Comment 3 Luya Tshimbalanga 2006-01-24 18:11:11 EST
I noticed that version is out for Fedora Core 4 and will be available in
development. There is an odd issue related to the use of yafray.org (website
is currently down).
Shall we close this bug report?
Comment 4 Luya Tshimbalanga 2006-01-25 22:16:21 EST
blender 2.41 is just released.
Comment 5 Jochen Schmitt 2006-01-29 15:02:32 EST

I'm building 2.41 now. Can you tell me more about your odd issue related to the
use of yafray.org?

Perhaps I may be able to reproduce your issue.

Best Regards:

Jochen Schmitt
Comment 6 Luya Tshimbalanga 2006-01-29 19:36:02 EST
yafray.org issues happened when rendering a complex object with more effects.
When rendering a simple cube with a spot light, there is no problem. However,
when I added effects such as ray-tracing, transparencies and more with the
yafray engine, Blender will crash. I think the problem is with
the additional sources from the spec file.
I have no problem rendering with yafray on other OSes like Windows XP.
Comment 7 Luya Tshimbalanga 2006-01-30 23:51:40 EST
Created attachment 123896 [details]
blender debug using yafray-0.8

Reproduction of the rendering problem using yafray.
Perhaps someone should contact the yafray.org author
about that issue on Fedora.
Comment 8 Jochen Schmitt 2006-01-31 12:02:30 EST
Can you create a backtrace for the test from attachment #123896 [details]? I think in the
backtrace you may determine the source of the failure.

AFAIK yafray is a separate plugin for blender, so from my point of view it's
important to know which package is responsible for the failure.

Best Regards:

Jochen Schmitt 
Comment 9 Jochen Schmitt 2006-01-31 13:00:24 EST
Because yafray is a separate package, I have created an RPM for Fedora Extras and
uploaded it to:


It would be nice if you could download this package and test it. Especially, it would
be nice if you could test the issue you reported.

Best Regards:

Jochen Schmitt
Comment 10 Luya Tshimbalanga 2006-02-01 06:03:24 EST
Created attachment 123953 [details]
blender backtrace

Here is the backtrace using the original yafray package.
Comment 11 Luya Tshimbalanga 2006-02-01 06:18:14 EST
Apparently the problem can be reproduced by setting Z transparency,
disabling XML in Yafray rendering, and setting YafrayGI to the Full method with any quality.
Comment 12 Michael Schwendt 2006-02-01 07:08:28 EST
> (no debugging symbols found)

Not helpful. Please take a look at http://fedoraproject.org/wiki/StackTraces,
enable the "debug" repository and install the missing -debuginfo packages.
For packages you rpmbuild manually, you should install these -debuginfo
packages, too.
Comment 13 Luya Tshimbalanga 2006-02-01 17:42:22 EST
Comment on attachment 123953 [details]
blender backtrace

(gdb) thread apply all bt

Thread 1 (Thread -1209009984 (LWP 22535)):
#0  0x00d6b402 in __kernel_vsyscall ()
#1  0x001d1079 in raise () from /lib/libc.so.6
#2  0x001d2613 in abort () from /lib/libc.so.6
#3  0x0020557b in __libc_message () from /lib/libc.so.6
#4  0x0020ff4f in free () from /lib/libc.so.6
#5  0x03547c09 in operator delete () from /usr/lib/libstdc++.so.6
#6  0x08365cb8 in std::vector<float, std::allocator<float> >::_M_fill_insert ()
#7  0x00467f61 in yafray::blockSpliter_t::getArea ()
   from /usr/lib/libyafraycore.so
#8  0x00472b3c in yafray::threadedscene_t::render ()
   from /usr/lib/libyafraycore.so
#9  0x001200bd in yafray::interfaceImpl_t::render ()
   from /usr/lib/libyafrayplugin.so
#10 0x0829e5e0 in yafrayPluginRender_t::writeRender ()
#11 0x082805e3 in yafrayRender_t::exportScene ()
#12 0x0827dc19 in YAF_exportScene ()
#13 0x082566b9 in render ()
#14 0x08258a9b in RE_initrender ()
#15 0x081955a1 in BIF_toggle_render_display ()
#16 0x08195688 in BIF_do_render ()
#17 0x081a8de8 in scrarea_do_winhandle ()
---Type <return> to continue, or q <return> to quit---
#18 0x0813941d in screenmain ()
#19 0x0810d8b2 in main ()
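Comments 8 and 12 ask the reporter to use the backtrace to work out which package owns the failing frame, and whether the frames are symbolised at all. The following script is an added example (not part of the bug report or of either project) that parses a gdb "thread apply all bt" dump in the format pasted above, attributes each frame to its shared object, and picks out the first frame outside libc/libstdc++ as the likely owner of the crash. It also recognises the abort-via-__libc_message-from-free() pattern, which is how glibc reports a failed heap-consistency check (double free or overflow of heap metadata). The sample input is the backtrace from comment 13, embedded here as constructed test data; the helper names are this example's own.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample: the backtrace posted in comment 13, verbatim.
SAMPLE_BACKTRACE = """(gdb) thread apply all bt

Thread 1 (Thread -1209009984 (LWP 22535)):
#0  0x00d6b402 in __kernel_vsyscall ()
#1  0x001d1079 in raise () from /lib/libc.so.6
#2  0x001d2613 in abort () from /lib/libc.so.6
#3  0x0020557b in __libc_message () from /lib/libc.so.6
#4  0x0020ff4f in free () from /lib/libc.so.6
#5  0x03547c09 in operator delete () from /usr/lib/libstdc++.so.6
#6  0x08365cb8 in std::vector<float, std::allocator<float> >::_M_fill_insert ()
#7  0x00467f61 in yafray::blockSpliter_t::getArea ()
   from /usr/lib/libyafraycore.so
#8  0x00472b3c in yafray::threadedscene_t::render ()
   from /usr/lib/libyafraycore.so
#9  0x001200bd in yafray::interfaceImpl_t::render ()
   from /usr/lib/libyafrayplugin.so
#10 0x0829e5e0 in yafrayPluginRender_t::writeRender ()
#11 0x082805e3 in yafrayRender_t::exportScene ()
#12 0x0827dc19 in YAF_exportScene ()
#13 0x082566b9 in render ()
#14 0x08258a9b in RE_initrender ()
#15 0x081955a1 in BIF_toggle_render_display ()
#16 0x08195688 in BIF_do_render ()
#17 0x081a8de8 in scrarea_do_winhandle ()
---Type <return> to continue, or q <return> to quit---
#18 0x0813941d in screenmain ()
#19 0x0810d8b2 in main ()
"""

# "#N  0xADDR in func () from /path/lib.so"; the "from" part may be absent
# (frame is in the main executable or the vDSO) or wrapped onto the next line.
FRAME_RE = re.compile(r'^#(\d+)\s+(?:0x[0-9a-fA-F]+ in )?(.+?) \(\)(?: from (\S+))?\s*$')
CONT_RE = re.compile(r'^\s+from (\S+)\s*$')

# Frames that belong to the C/C++ runtime or to the abort path, not to the
# application or its plugins.  Hypothetical lists for this example.
RUNTIME_OBJECTS = ('libc.so', 'libstdc++.so', 'libpthread.so')
RUNTIME_SYMBOLS = {'__kernel_vsyscall', 'raise', 'abort', '__libc_message',
                   'free', 'malloc', 'operator delete', 'operator new'}


@dataclass
class Frame:
    number: int
    function: str
    obj: Optional[str]   # None: main executable (or vDSO), no "from" clause


def parse_backtrace(text: str) -> List[Frame]:
    """Parse gdb 'bt' output; pager prompts and thread headers are ignored."""
    frames: List[Frame] = []
    for line in text.splitlines():
        m = FRAME_RE.match(line)
        if m:
            frames.append(Frame(int(m.group(1)), m.group(2), m.group(3)))
            continue
        c = CONT_RE.match(line)
        if c and frames and frames[-1].obj is None:
            frames[-1].obj = c.group(1)   # wrapped "from" clause
    return frames


def is_runtime_frame(f: Frame) -> bool:
    if f.function in RUNTIME_SYMBOLS or f.function.startswith('std::'):
        return True
    return f.obj is not None and any(r in f.obj for r in RUNTIME_OBJECTS)


def first_application_frame(frames: List[Frame]) -> Optional[Frame]:
    """Innermost frame outside the runtime: the best first guess at the owner."""
    for f in frames:
        if not is_runtime_frame(f):
            return f
    return None


def frames_by_object(frames: List[Frame]) -> Dict[Optional[str], List[int]]:
    """Group frame numbers by shared object, so each package's share is visible."""
    groups: Dict[Optional[str], List[int]] = {}
    for f in frames:
        groups.setdefault(f.obj, []).append(f.number)
    return groups


def is_heap_check_abort(frames: List[Frame]) -> bool:
    """abort() reached via __libc_message from free(): glibc's malloc-checking
    path, i.e. the heap metadata was already corrupt when free() ran."""
    names = [f.function for f in frames]
    return ('abort' in names and '__libc_message' in names
            and names.index('__libc_message') + 1 < len(names)
            and names[names.index('__libc_message') + 1] in ('free', 'operator delete'))


if __name__ == '__main__':
    parsed = parse_backtrace(SAMPLE_BACKTRACE)
    culprit = first_application_frame(parsed)
    print('frames:', len(parsed))
    print('heap-check abort:', is_heap_check_abort(parsed))
    print('first application frame:', culprit)
    for obj, nums in frames_by_object(parsed).items():
        print(obj or '<main executable / vDSO>', nums)
```

Run against the pasted backtrace this points at frame #7 in /usr/lib/libyafraycore.so (a vector reallocation inside yafray::blockSpliter_t::getArea), which is the package-attribution question comment 8 raises; the abort pattern shows the heap was already damaged before free() ran, so the real defect may be earlier than the reported frame, which is exactly why comment 12 asks for -debuginfo before going further.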
Comment 14 Luya Tshimbalanga 2006-02-08 02:47:39 EST
Just updated blender. I report the same problem using yafray (including your
build) listed in comment #13.
Comment 15 Jochen Schmitt 2006-02-08 12:28:05 EST
I have looked on www.yafray.org.

In the bug tracker I have found Bug #2828, where an issue was reported which
sounds like the issue discussed in this bug.

After I have read a tutorial about yafray, I was able to test the yafray
integration on my machine. I was able to call the yafray rendering engine. 

Unfortunately, I have got a blank screen but not a crash.

Best Regards:

Jochen Schmitt
Comment 16 Luya Tshimbalanga 2006-02-08 12:57:58 EST
A blank screen means you have XML enabled on the Yafray tab. Disable it. On Yafray GI,
set Method to Full and choose any Quality setting (for example Low). Voila,
Blender will exit.
Comment 17 Jochen Schmitt 2006-02-09 10:36:22 EST
I have toggled the XML button. The result is that I get a blank screen but
not a crash.

Best Regards:

Jochen Schmitt
Comment 18 Dennis Gilmore 2006-02-21 23:20:53 EST
This bug should be closed; the initial report is resolved. The second issue
should be its own bug. This makes searching easier.
Comment 19 Jochen Schmitt 2006-02-22 13:14:20 EST
OK. But now yafray is not a package in Fedora Extras.
Comment 20 Jochen Schmitt 2006-02-22 13:20:10 EST
I have created #182460, which points to this bug for further information.