Red Hat Bugzilla – Bug 493015
pbmclean and pbmlife faults in netpbm-10.23-security.patch
Last modified: 2013-07-02 19:36:29 EDT
Description of problem:
pbmclean and pbmlife will not run on images of any size.
Version-Release number of selected component (if applicable):
Every invocation of pbmclean or pbmlife.
Steps to Reproduce:
pbmmake 1 1 | pbmclean > /dev/null
pbmmake 1 1 | pbmlife > /dev/null
Both programs will exit with the error: "progname: EOF / read error reading a one-byte sample"
A 1x1 PBM image, transformed as appropriate.
Both programs employ read-ahead because they transform pixels in an image by counting their neighbours. However, the patch netpbm-10.23-security.patch has mistaken the meaning of the "had enough rows" tests for read-ahead in both cases.
For example, the security patch has changed a test in pbmclean.c from:
(row+1 < rows) --> (row <= rows)
which is clearly not the same test, and a similar line in pbmlife has been corrupted. As the security patch only affects this one test in both files, I have tried fixing it by removing the changes to pbmclean.c and pbmlife.c from the security patch, and the programs work as expected.
Indeed. The security patch really breaks pbmclean and pbmlife. I just removed the two broken hunks. Thanks.
netpbm-10.35.61-1.fc10 has been submitted as an update for Fedora 10.
netpbm-10.35.61-1.fc9 has been submitted as an update for Fedora 9.
netpbm-10.35.61-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
netpbm-10.35.61-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.