As I wanted to emerge app-doc/gimp-help, I wondered why my system was under very heavy load and it consumed almost all my memory. Then I found out it was because of convert from imagemagick, as it tried to convert a .png file:

convert -colors 128 dialogs-layer.png dialogs-layer.png

After about 10 minutes, it stopped with a segfault. I did a little version bump on imagemagick. Now, the segfault is still there, but it doesn't consume that many resources anymore. I don't know where this bug comes from and it might be that one could use it for a buffer overflow attack. I will attach the .png file, so that you can check it out yourself.
Created attachment 105038 [details] dialogs-layer.png
*** Bug 159566 has been marked as a duplicate of this bug. ***
My emerge --info

Gentoo Base System version 1.12.6
Portage 2.1.1-r2 (default-linux/x86/2006.0, gcc-4.1.1, glibc-2.3.6-r4, 2.6.18-suspend2 i686)
=================================================================
System uname: 2.6.18-suspend2 i686 Intel(R) Pentium(R) M processor 1.86GHz
Last Sync: Sat, 23 Dec 2006 12:00:01 +0000
ccache version 2.3 [enabled]
app-admin/eselect-compiler: [Not Present]
dev-java/java-config: 1.3.7, 2.0.31
dev-lang/python: 2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache: 2.3
dev-util/confcache: [Not Present]
sys-apps/sandbox: 1.2.17
sys-devel/autoconf: 2.13, 2.60
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2
sys-devel/binutils: 2.16.1-r3
sys-devel/gcc-config: 1.3.14
sys-devel/libtool: 1.5.22
virtual/os-headers: 2.6.17-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c"
CXXFLAGS="-O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig ccache distlocks metadata-transfer parallel-fetch sandbox sfperms strict"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LANG="german"
LC_ALL="de_DE.UTF-8"
LINGUAS="de en"
PKGDIR="/usr/portage/packages/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/overlays/xor /usr/portage/local/layman/toe.ch"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 7zip X a52 aac aalib acpi alsa alsa_cards_cmipci alsa_cards_intel8x0 alsa_cards_usb-audio alsa_pcm_plugins_adpcm alsa_pcm_plugins_alaw alsa_pcm_plugins_asym alsa_pcm_plugins_copy alsa_pcm_plugins_dmix alsa_pcm_plugins_dshare alsa_pcm_plugins_dsnoop alsa_pcm_plugins_empty alsa_pcm_plugins_extplug alsa_pcm_plugins_file alsa_pcm_plugins_hooks alsa_pcm_plugins_iec958 alsa_pcm_plugins_ioplug alsa_pcm_plugins_ladspa alsa_pcm_plugins_lfloat alsa_pcm_plugins_linear alsa_pcm_plugins_meter alsa_pcm_plugins_mulaw alsa_pcm_plugins_multi alsa_pcm_plugins_null alsa_pcm_plugins_plug alsa_pcm_plugins_rate alsa_pcm_plugins_route alsa_pcm_plugins_share alsa_pcm_plugins_shm alsa_pcm_plugins_softvol apache2 apm arts audiofile bash-completion bcmath berkdb bindist bitmap-fonts bl blender-game bzip2 cairo cdparanoia cdr cli cracklib crypt cscope cups curl dlloader dmi dri dv dvd dvdr dvdread elibc_glibc encode esd exif extrafilters fam fat fbsplash ffmpeg fftw firefox flac flash foomaticdb fortran ftp gdbm gif gimp gimpprint glut gmp gnome gphoto2 gpm gs gstreamer gtk gtk2 gtkhtml gzip hal howl iconv idn ieee1394 imagemagick imlib inkjar input_devices_evdev input_devices_keyboard input_devices_mouse input_devices_synaptics input_devices_vmmouse ipv6 isdnlog jack java jpeg jpeg2k junit kde kernel_linux lcms libg++ libsamplerate libwww linguas_de linguas_en lirc logitech-mouse lzo mad madwifi mcal mhash mikmod ming mjpeg mmx mng motif mozbranding mozdevelop mozsvg mp3 mp4live mpeg mpeg2 ncurses nls nptl nptlonly nsplugin offensive ogg openal opengl oss pam pcre pdf perl php plotutils png portaudio ppds pppd python qt3 qt4 quicktime rar readline recode reflection rtc samba scanner sdl session sftp slang speex spell spl ssl svg svgz swat symlink sysfs szip tcpd tetex threads tidy tiff truetype truetype-fonts type1-fonts udev unicode usb userland_GNU v4l v4l2 vcd vhosts video_cards_fbdev video_cards_fglrx video_cards_glint video_cards_radeon video_cards_v4l vim vim-pager vim-with-x vorbis wifi wma wmf wxwindows xine xinerama xml xorg xprint xscreensaver xv xvid zip zlib"
Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS, MAKEOPTS, PORTAGE_RSYNC_EXTRA_OPTS
=========================================

You can find the version bump of media-gfx/imagemagick here: http://bugs.gentoo.org/show_bug.cgi?id=159570
Hi Michael, I tried to reproduce this with the command you gave but it works fine here. Could you use gdb to give us a stacktrace? Remerge imagemagick like this (or use splitdebug, whichever you find easiest):

CXXFLAGS="-ggdb3 -O0" CFLAGS="-ggdb3 -O0" emerge imagemagick

then

$ gdb convert
(gdb) r -colors 128 foo.png foo.png

then when it crashes:

(gdb) bt
(gdb) info regs
(gdb) x/i $pc

and paste the output into this bug report.
Created attachment 105056 [details] convert.debug

The desired stacktrace. Btw: You have to add FEATURES=nostrip to get the debugging flags past the installation. That means

FEATURES=nostrip CXXFLAGS="-ggdb3 -O0" CFLAGS="-ggdb3 -O0" emerge imagemagick

does it.
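A small harness for the reproduction steps above, as an added example that is not part of the bug report: it runs the convert invocation under an address-space cap (so a runaway conversion cannot eat all memory the way the reporter saw), classifies how the process ended, and, when gdb is installed, captures the backtrace the triager asked for. The convert command and file name are the reporter's; the function names, the 512 MB limit and the use of gdb's batch mode are my assumptions.

```shell
#!/bin/sh
# Added example, not code from the bug thread or from ImageMagick.

# classify_run MAX_KB CMD...: run CMD with its virtual address space
# limited to MAX_KB kilobytes and print one word describing the end:
#   ok            exit status 0
#   segfault      killed by SIGSEGV (status 128+11)
#   killed:<sig>  killed by some other signal
#   exit:<code>   non-zero exit status
classify_run() {
    limit_kb=$1; shift
    # The subshell keeps the ulimit from leaking into the caller;
    # the if-form keeps a failing child from tripping "set -e".
    if ( ulimit -v "$limit_kb" 2>/dev/null || true; exec "$@" ) >/dev/null 2>&1; then
        rc=0
    else
        rc=$?
    fi
    if [ "$rc" -eq 0 ]; then
        echo ok
    elif [ "$rc" -eq 139 ]; then
        echo segfault
    elif [ "$rc" -gt 128 ]; then
        echo "killed:$((rc - 128))"
    else
        echo "exit:$rc"
    fi
    return 0
}

# backtrace CMD...: re-run CMD under gdb in batch mode and print the
# same information requested in the thread (bt, registers, faulting
# instruction). Needs a build that kept its debug symbols, i.e. the
# FEATURES=nostrip CFLAGS="-ggdb3 -O0" remerge described above.
backtrace() {
    if ! command -v gdb >/dev/null 2>&1; then
        echo "gdb not installed; cannot capture a backtrace"
        return 0
    fi
    prog=$1; shift
    gdb --batch -ex run -ex bt -ex 'info registers' -ex 'x/i $pc' \
        --args "$prog" "$@" 2>&1
    return 0
}

# Intended use on the reporter's input, capped at 512 MB (assumed limit):
#   classify_run 524288 convert -colors 128 dialogs-layer.png dialogs-layer.png
#   backtrace convert -colors 128 dialogs-layer.png dialogs-layer.png
```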
Could someone please have a look at this again, Tavis? Filing under auditing.
Tavis, any news on this one?
(In reply to comment #7)
> Tavis, any news on this one?

This seems to be fixed in 6.3.3.
Opening since this is fixed.
GLSA 200705-13