Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 452998 - gimp postscript plugin gets segmentation fault
Summary: gimp postscript plugin gets segmentation fault
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: gimp
Version: 5.2
Hardware: All
OS: Linux
Target Milestone: rc
: ---
Assignee: Nils Philippsen
QA Contact: Desktop QE
Depends On:
Blocks: 499522 743405
TreeView+ depends on / blocked
Reported: 2008-06-26 14:46 UTC by Alan Matsuoka
Modified: 2018-11-14 18:04 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2012-09-07 12:09:45 UTC
Target Upstream Version:

Attachments (Terms of Use)
gimp-2.2.13-postscript-segv.patch (1.33 KB, text/x-patch)
2008-06-26 14:46 UTC, Alan Matsuoka
no flags Details

System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Legacy) 60156 0 None None None Never
Red Hat Product Errata RHBA-2012:1242 0 normal SHIPPED_LIVE gimp bug fix update 2012-09-07 16:08:23 UTC

Description Alan Matsuoka 2008-06-26 14:46:29 UTC
Description of problem:
gimp issues /usr/lib/gimp/2.0/plug-ins/postscript: fatal error:
Segmentation fault

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.Create a new image in gimp
2.Save as a PostScript
3.Chose Preview in output option

Actual results:
/usr/lib/gimp/2.0/plug-ins/postscript: fatal error: Segmentation fault

Expected results:
No Segmentation fault, and the image displays as a preview

Additional info:

$ gimp --stack-trace-mode always
/usr/lib/gimp/2.0/plug-ins/postscript: fatal error: Segmentation fault
#0  0x40000402 in __kernel_vsyscall ()
#1  0x007ac92f in fork () from /lib/libc.so.6
#2  0x00a4a13c in g_on_error_stack_trace () from /lib/libglib-2.0.so.0
#3  0x4002eec9 in gimp_plugin_sigfatal_handler (sig_num=11) at gimp.c:1483
#4  <signal handler called>
#5  dither_grey (grey=0x981ffc0 'ÿ§ <repeats 200 times>..., bw=0x9635468 "",
#6  0x0804d7ce in save_ps_setup (ofp=0x980e540, drawable_ID=2, width=420,
#7  0x0804f710 in save_image (filename=<value optimized out>, image_ID=1,
#8  0x08050f21 in run (name=0x95e94f8 "file_ps_save", nparams=15,
#9  0x4002f5ee in gimp_main (info=0x80533c0, argc=6, argv=0xbf93e834)
#10 0x0804e6a7 in main (argc=Cannot access memory at address 0x0
#11 0x00733dec in __libc_start_main () from /lib/libc.so.6
#12 0x0804a3f1 in _start ()
Dear SEG,

Here is an easy bug in gimp. 100% reprodusable, please close.
The segfalut occurs at line 2240 due to corruption of fs_error.
The corruption is related to *limit or limit_array[], I think.


2192 dither_grey (guchar *grey,
2193              guchar *bw,
2194              gint    npix,
2195              gint    linecount)
2196 {
2197   register guchar *greyptr, *bwptr, mask;
2198   register int *fse;
2199   int x, greyval, fse_inline;
2200   static int *fs_error = NULL;
2201   static int do_init_arrays = 1;
2202   static int limit_array[1278];
2203   static int
2204   int *limit = &(limit_array[512]);
2215       if (do_init_arrays)
2216         {
2217           do_init_arrays = 0;
2218           for (x = -511; x <= 766; x++)
2219             limit[x] = (x < 0) ? 0 : ((x > 255) ? 255 : x);  <--*** direct
cause of the segfault
2238   bwptr = bw;
2239   mask = 0x80;
2240   fse_inline = fs_error[0];  <---------****  segmentation fault

SEG Notes:
Attached patch works for customer.

Comment 1 Alan Matsuoka 2008-06-26 14:46:30 UTC
Created attachment 310343 [details]

Comment 2 RHEL Program Management 2009-03-26 17:17:12 UTC
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".

Comment 21 errata-xmlrpc 2012-09-07 12:09:45 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.