Summary: | kde-apps/gwenview-17.04.3 w/ media-gfx/exiv2-0.26 - segfaults when reading exiv metadata | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Zoltan Puskas <zoltan> |
Component: | Current packages | Assignee: | Gentoo KDE team <kde> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | graphics+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://dev.exiv2.org/issues/1305 | ||
See Also: | https://bugs.kde.org/show_bug.cgi?id=382842 | ||
Whiteboard: | scheduled fixed in 0.26.1 | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 647808 | ||
Bug Blocks: | |||
Attachments: | Example image that will segfault gwenview |
Interesting find. Did you already search upstream for similar bugs? https://bugs.kde.org I did a quick search but I did not find anything related to this on the upstream bug tracker, that's why I started gdb-ing the issue. My guess is that the brand of my camera is less popular, that's why no one noticed so far. Reported it upstream here: https://bugs.kde.org/show_bug.cgi?id=382918 Apparently solved upstream as per https://bugs.kde.org/show_bug.cgi?id=382842. Can we backport the fix please? It doesn't look solved at all? Problem seems to be in exiv2 and status is 'to be investigated'. Upstream bug is: http://dev.exiv2.org/issues/1305 Fix as a patch (tested on ~AMD64): https://github.com/Exiv2/exiv2/commit/5405d61623e82896e498c5c8342dd6f42e689115.patch There is a crash with similar backtrace but only with Nikon images. Fix is almost the same. Patch from the pull request: https://github.com/Exiv2/exiv2/commit/591dea579ae946972fef14bbf799b2d3a12e82d4.patch There is a load of outstanding exiv2 issues right now that we better wait until many or most of them are fixed with .1. (In reply to Andreas Sturmlechner from comment #7) > There is a load of outstanding exiv2 issues right now that we better wait > until many or most of them are fixed with .1. Yes, they have 12 open CVEs at the moment thus integrating all patches is too much. Lets hope for a quick release. In the meantime both patches I linked work just fine (~AMD64) and can be applied locally if waiting for a release is not an option. Added snapshot 0.26_p20171013 to tree to address this issue. Dropped 0.26, so this should be fixed. I know this bug is marked fixed, but I'm still getting a segfault when opening files with metadata. $ gwenview DSCN1752.JPG kf5.kio.core: Refilling KProtocolInfoFactory cache in the hope to find "mtp" kf5.kio.core: Refilling KProtocolInfoFactory cache in the hope to find "mtp" Segmentation fault $ emerge --info kde-apps/gwenview kde-apps/gwenview-17.04.3::gentoo was built with the following: USE="X kipi -debug -handbook -raw -semantic-desktop -test" ABI_X86="(64)" $ emerge --info media-gfx/exiv2 media-gfx/exiv2-0.26_p20171104::gentoo was built with the following: USE="nls png xmp -doc -examples -webready" ABI_X86="(64) -32 (-x32)" LINGUAS="-bs -de -es -fi -fr -gl -ms -pl -pt -ru -sk -sv -ug -uk -vi" Right. Upstream made the fixes in master, then later branched off 0.26 from an earlier point... New PR pending: https://github.com/Exiv2/exiv2/pull/162 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4c6eada07c811dc3bd34ce06907d3a5cd8cafe54 commit 4c6eada07c811dc3bd34ce06907d3a5cd8cafe54 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2017-12-05 16:10:05 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2017-12-05 16:15:10 +0000 media-gfx/exiv2: Fix crash with Pentax/Nikon exif data Bug: https://bugs.gentoo.org/626214 Package-Manager: Portage-2.3.13, Repoman-2.3.4 media-gfx/exiv2/Manifest | 2 +- media-gfx/exiv2/exiv2-0.26_p20171104-r1.ebuild | 129 +++++++++++++++++++++ .../exiv2/files/exiv2-0.26-pentaxnikon-crash.patch | 52 +++++++++ 3 files changed, 182 insertions(+), 1 deletion(-)} It's still not merged to upstream, so I'm adding a revbump for the time being. Fixes the crash for me (at least with 645D exif data). I have tried and the rev-bumped media-gfx/exiv2-0.26_p20171104-r1 works on the Pentax images too. I own a Pentax camera and the latest gentoo upgrade made all my photos unavailable in gwenview. Fixed with media-gfx/exiv2-0.26_p20171104-r1 (thanks Zoltan) - please stabilize the patch. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1dc8557a38b42c16b34728619c94d0c89476251a commit 1dc8557a38b42c16b34728619c94d0c89476251a Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-04-25 17:40:31 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-04-25 17:53:27 +0000 media-gfx/exiv2: Add 0.26_p20180319 snapshot Fixing CVE-2017-17669, CVE-2017-17725, CVE-2017-18005, CVE-2018-4868 Bug: https://bugs.gentoo.org/626214 Bug: https://bugs.gentoo.org/643554 Bug: https://bugs.gentoo.org/647808 Bug: https://bugs.gentoo.org/640978 Package-Manager: Portage-2.3.31, Repoman-2.3.9 media-gfx/exiv2/Manifest | 1 + media-gfx/exiv2/exiv2-0.26_p20180319.ebuild | 136 ++++++ .../exiv2-0.26_p20180319-CVE-2017-18005.patch | 484 +++++++++++++++++++++ .../files/exiv2-0.26_p20180319-CVE-2018-4868.patch | 39 ++ 4 files changed, 660 insertions(+)} (In reply to Ciprian Ciubotariu from comment #16) > I own a Pentax camera and the latest gentoo upgrade made all my photos > unavailable in gwenview. Fixed with media-gfx/exiv2-0.26_p20171104-r1 > (thanks Zoltan) - please stabilize the patch. Please test with the latest snapshot. The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40c32e8333488b1965fa1de32d97a7403786ab0b commit 40c32e8333488b1965fa1de32d97a7403786ab0b Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-05-29 12:13:07 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-05-29 12:31:09 +0000 media-gfx/exiv2: Drop 0.26_p20171104 (security cleanup) Bug: https://bugs.gentoo.org/647808 Bug: https://bugs.gentoo.org/640978 Bug: https://bugs.gentoo.org/643554 Closes: https://bugs.gentoo.org/626214 Package-Manager: Portage-2.3.40, Repoman-2.3.9 media-gfx/exiv2/Manifest | 1 - media-gfx/exiv2/exiv2-0.26_p20171104.ebuild | 128 ---------------------------- 2 files changed, 129 deletions(-) |
Created attachment 486870 [details] Example image that will segfault gwenview Trying to open an image from a Pentax Camera in gwenview will result in a segfault. It happens when it's trying to read metadata for the image. CLI tools like exiv2 and exiftool work correctly on the image.