Bug 249555 - giftext: segfault at 0000000000000004 rip
giftext: segfault at 0000000000000004 rip
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: giflib (Show other bugs)
5.1
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: ritz
BaseOS QE - Apps
: Patch
: 244227 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-07-25 10:43 EDT by Vilius Šumskas
Modified: 2013-04-12 15:15 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Prior to this update, an attempt to use the giftext utility on a GIF file that does not store a global color map caused it to terminate unexpectedly with a segmentation fault. This update applies an upstream patch that resolves this issue, and giftext no longer crashes.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-03-30 04:01:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Failing gif file (2.73 KB, image/gif)
2007-07-26 03:13 EDT, Vilius Šumskas
no flags Details
Upstream patch (extracted change from upstream 4.1.6) (575 bytes, patch)
2009-04-07 11:18 EDT, Tomas Hoger
no flags Details | Diff

  None (edit)
Description Vilius Šumskas 2007-07-25 10:43:35 EDT
Description of problem:
Giftext segfaults on certain Gif images:
Jul 25 09:20:33 mail kernel: giftext[17225]: segfault at 0000000000000004 rip 
0000000000401a8a rsp 00007fff1775e2f0 error 4
Jul 25 09:20:33 mail kernel: giftext[17240]: segfault at 0000000000000004 rip 
0000000000401a8a rsp 00007fff5ec74800 error 4
Jul 25 12:28:21 mail kernel: giftext[23273]: segfault at 0000000000000004 rip 
0000000000401a8a rsp 00007fff369f6580 error 4
Jul 25 12:42:54 mail kernel: giftext[28083]: segfault at 0000000000000004 rip 
0000000000401a8a rsp 00007fffe80ce2c0 error 4

Version-Release number of selected component (if applicable):
giflib-utils-4.1.3-7.1.el5.1
Comment 1 Norm Murray 2007-07-26 00:52:21 EDT
Could you please attach a sample failing gif? 
Comment 2 Vilius Šumskas 2007-07-26 03:13:49 EDT
Created attachment 159992 [details]
Failing gif file

Here you go.
Comment 3 Vilius Šumskas 2007-11-17 04:05:09 EST
Is this ever get fixed? This issue drives me crazy.
Comment 4 Vilius Šumskas 2007-11-18 13:59:31 EST
I found this patch on the internet: http://users.own-
hero.net/~decoder/fuzzyocr/giftext-segfault.patch can someone can take a look 
if it could be included into the RedHat's RPM?
Comment 5 Vilius Šumskas 2008-05-20 14:41:04 EDT
Still there in 5.1. Is anybody responsible for this bug is still here?
Comment 6 Tomas Hoger 2009-04-07 11:18:05 EDT
Created attachment 338515 [details]
Upstream patch (extracted change from upstream 4.1.6)

(In reply to comment #4)
> I found this patch on the internet: http://users.own-
> hero.net/~decoder/fuzzyocr/giftext-segfault.patch can someone can take a look 
> if it could be included into the RedHat's RPM?  

Should be this, which is a one-liner diff between 4.1.3 and 4.1.6.  Fixes not exploitable NULL pointer dereference flaw.
Comment 7 RHEL Product and Program Management 2009-04-07 11:26:57 EDT
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 8 RHEL Product and Program Management 2009-11-06 13:44:27 EST
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 18 ritz 2011-03-15 04:42:57 EDT
*** Bug 244227 has been marked as a duplicate of this bug. ***
Comment 21 Jaromir Hradilek 2011-03-23 08:17:16 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Prior to this update, an attempt to use the giftext utility on a GIF file that does not store a global color map caused it to terminate unexpectedly with a segmentation fault. This update applies an upstream patch that resolves this issue, and giftext no longer crashes.
Comment 23 errata-xmlrpc 2011-03-30 04:01:23 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0398.html

Note You need to log in before you can comment on or make changes to this bug.