Bug 597308 - media-gfx/xv-3.10a-r17 - buffer overflow detected in ?
Summary: media-gfx/xv-3.10a-r17 - buffer overflow detected in ?
Status: RESOLVED NEEDINFO
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
: Normal normal
Assignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it
Reported: 2016-10-16 17:57 UTC by segmentation fault
Modified: 2016-10-22 08:17 UTC
Attachments
Icon that causes the buffer overflow in xv (http%3A%2F%2Fwww-static.operacdn.com%2Fstatic-heap%2Fc9%2Fc99c9a52c1cfc381bf288f14c16397c1cdc8f0e2%2Fspeed-dial-icon.png,498 bytes, image/png)
2016-10-16 17:57 UTC, segmentation fault
Description segmentation fault 2016-10-16 17:57:32 UTC
Created attachment 450458
Icon that causes the buffer overflow in xv

Background
=======

I have www-client/opera-12.16_p1860-r1 installed. I also have Fvwm2 and stalonetray (the systray application). I noticed (like many others before me) that the Opera systray icon has a white background. This does not match the grey background of my stalonetray. My quest to find the culprit icon and change its background has been unsuccessful so far, no matter what.

Desperate to try everything I could imagine, I thought I would have a look at the icon in my home opera dir with xv:

xv /home/XXX/.opera/icons/http%3A%2F%2Fwww-static.operacdn.com%2Fstatic-heap%2Fc9%2Fc99c9a52c1cfc381bf288f14c16397c1cdc8f0e2%2Fspeed-dial-icon.png

But instead of an icon, I got:

*** buffer overflow detected ***: xv terminated; report to <http://bugs.gentoo.org/>

What on earth is THIS? :shock:

Some info
======

To let you reproduce the error, I will create an attachment with the icon file in question. Use at your own risk. 

I have media-gfx/xv-3.10a-r17 installed with these USE flags:

 * Found these USE flags for media-gfx/xv-3.10a-r17:
 U I
 + + jpeg : Add JPEG image support
 + + png  : Add support for libpng (PNG images)
 + + tiff : Add support for the TIFF image format

System info:

Portage 2.2.28 (python 3.4.3-final-0, hardened/linux/x86, gcc-4.9.3, glibc-2.22-r4, 3.16.5-gentoo i686)
=================================================================
System uname: Linux-3.16.5-gentoo-i686-Intel-R-_Pentium-R-_4_CPU_3.40GHz-with-gentoo-2.2
KiB Mem:     XXXXXXX total,    478292 free
KiB Swap:    YYYYYYY total,    720324 free
Timestamp of repository gentoo: Mon, 10 Oct 2016 14:15:01 +0000
sh bash 4.3_p42-r1
ld GNU ld (Gentoo 2.25.1 p1.1) 2.25.1
app-shells/bash:          4.3_p42-r1::gentoo
dev-java/java-config:     2.2.0-r3::gentoo
dev-lang/perl:            5.22.2::gentoo
dev-lang/python:          2.7.10-r1::gentoo, 3.4.3-r1::gentoo
dev-util/cmake:           3.5.2-r1::gentoo
dev-util/pkgconfig:       0.28-r2::gentoo
sys-apps/baselayout:      2.2::gentoo
sys-apps/openrc:          0.19.1::gentoo
sys-apps/sandbox:         2.10-r2::gentoo
sys-devel/autoconf:       2.13::gentoo, 2.69::gentoo
sys-devel/automake:       1.4_p6::<unknown repository>, 1.5::<unknown repository>, 1.6.3::<unknown repository>, 1.7.9-r1::<unknown repository>, 1.8.5-r3::<unknown repository>, 1.9.6-r2::<unknown repository>, 1.10.3-r1::gentoo, 1.11.6-r1::gentoo, 1.12.6::gentoo, 1.13.4::gentoo, 1.14.1::gentoo, 1.15::gentoo
sys-devel/binutils:       2.24-r3::gentoo, 2.25.1-r1::gentoo
sys-devel/gcc:            4.3.6-r1::gentoo, 4.4.7::gentoo, 4.8.3::gentoo, 4.9.3::gentoo
sys-devel/gcc-config:     1.7.3::gentoo
sys-devel/libtool:        2.4.6::gentoo
sys-devel/make:           4.1-r1::gentoo
sys-kernel/linux-headers: 3.18::gentoo (virtual/os-headers)
sys-libs/glibc:           2.22-r4::gentoo
Comment 1 segmentation fault 2016-10-17 08:54:30 UTC
Libraries used by my xv-3.10a-r17:

linux-gate.so.1
/lib/libz.so.1
/usr/lib/libX11.so.6
/lib/libm.so.6
/usr/lib/libjpeg.so.62
/usr/lib/libpng16.so.16
/usr/lib/libtiff.so.5
/lib/libc.so.6
/usr/lib/libxcb.so.1
/lib/libdl.so.2
/lib/ld-linux.so.2
/usr/lib/libXau.so.6
/usr/lib/libXdmcp.so.6

Packages they belong to:

 * Searching for /lib/libz.so.1 ... 
sys-libs/zlib-1.2.8-r1 (/lib/libz.so.1 -> libz.so.1.2.8)
sys-libs/zlib-1.2.8-r1 (/lib/libz.so.1.2.8)

 * Searching for /usr/lib/libX11.so.6 ... 
x11-libs/libX11-1.6.3 (/usr/lib/libX11.so.6.3.0)
x11-libs/libX11-1.6.3 (/usr/lib/libX11.so.6 -> libX11.so.6.3.0)

 * Searching for /lib/libm.so.6 ... 
sys-libs/glibc-2.22-r4 (/lib/libm-2.22.so)
sys-libs/glibc-2.22-r4 (/lib/libm.so.6 -> libm-2.22.so)

 * Searching for /usr/lib/libjpeg.so.62 ... 
media-libs/libjpeg-turbo-1.5.0 (/usr/lib/libjpeg.so.62.2.0)
media-libs/libjpeg-turbo-1.5.0 (/usr/lib/libjpeg.so.62 -> libjpeg.so.62.2.0)

 * Searching for /usr/lib/libpng16.so.16 ... 
media-libs/libpng-1.6.21 (/usr/lib/libpng16.so.16 -> libpng16.so.16.21.0)
media-libs/libpng-1.6.21 (/usr/lib/libpng16.so.16.21.0)

 * Searching for /usr/lib/libtiff.so.5 ... 
media-libs/tiff-4.0.6 (/usr/lib/libtiff.so.5 -> libtiff.so.5.2.4)
media-libs/tiff-4.0.6 (/usr/lib/libtiff.so.5.2.4)

 * Searching for /lib/libc.so.6 ... 
sys-libs/glibc-2.22-r4 (/lib/libc-2.22.so)
sys-libs/glibc-2.22-r4 (/lib/libc.so.6 -> libc-2.22.so)

 * Searching for /usr/lib/libxcb.so.1 ... 
x11-libs/libxcb-1.11.1 (/usr/lib/libxcb.so.1 -> libxcb.so.1.1.0)
x11-libs/libxcb-1.11.1 (/usr/lib/libxcb.so.1.1.0)

 * Searching for /lib/libdl.so.2 ... 
sys-libs/glibc-2.22-r4 (/lib/libdl-2.22.so)
sys-libs/glibc-2.22-r4 (/lib/libdl.so.2 -> libdl-2.22.so)

 * Searching for /lib/ld-linux.so.2 ... 
sys-libs/glibc-2.22-r4 (/lib/ld-2.22.so)
sys-libs/glibc-2.22-r4 (/lib/ld-linux.so.2 -> ld-2.22.so)

 * Searching for /usr/lib/libXau.so.6 ... 
x11-libs/libXau-1.0.8 (/usr/lib/libXau.so.6.0.0)
x11-libs/libXau-1.0.8 (/usr/lib/libXau.so.6 -> libXau.so.6.0.0)

 * Searching for /usr/lib/libXdmcp.so.6 ...
x11-libs/libXdmcp-1.1.2 (/usr/lib/libXdmcp.so.6 -> libXdmcp.so.6.0.0)
x11-libs/libXdmcp-1.1.2 (/usr/lib/libXdmcp.so.6.0.0)
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2016-10-21 04:01:32 UTC
You ought to try and obtain a gdb backtrace, because it's entirely unclear whether the overflow occurs in an X11 library, in the PNG library or in xv itself.
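
One way to collect the backtrace requested in Comment 2 and read off which component made the overflowing call, as an added example that is not part of the bug thread or any commenter's post. The function names `capture_bt`, `first_culprit_frame` and `sample_bt`, and the sample backtrace, are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the bug thread.

# Run a command under gdb in batch mode and print the backtrace taken when it
# stops (for a fortify abort, at SIGABRT). Needs gdb; frames are only readable
# when the program and its libraries carry debug symbols.
capture_bt() {
    gdb -q -batch -ex run -ex bt --args "$@" 2>&1
}

# Read `bt` output on stdin, skip the frames that belong to glibc's abort and
# fortify machinery, and print "<function> <shared object or file:line>" for
# the first frame left: the code that made the overflowing call.
first_culprit_frame() {
    awk '
    /^#[0-9]+ / {
        if ($0 ~ /__kernel_vsyscall/) next
        if ($0 ~ /from [^ ]*\/(libc|ld)[-.]/) next
        if ($0 ~ / (raise|abort|__libc_message|__fortify_fail|__chk_fail|__[a-z_]+_chk) \(/) next
        fn = ($3 == "in") ? $4 : $2
        where = "unknown"
        if (match($0, / from [^ ]+$/)) where = substr($0, RSTART + 6)
        else if (match($0, / at [^ ]+$/)) where = substr($0, RSTART + 4)
        print fn, where
        exit
    }'
}

# Constructed backtrace: addresses, function names and file names are made up
# and say nothing about where the real xv crash is.
sample_bt() {
    cat <<'EOF'
#0  0xb7fdbbe9 in __kernel_vsyscall ()
#1  0xb7c5a1a7 in raise () from /lib/libc.so.6
#2  0xb7c5b9a3 in abort () from /lib/libc.so.6
#3  0xb7c98b65 in __libc_message () from /lib/libc.so.6
#4  0xb7d2d8f8 in __fortify_fail () from /lib/libc.so.6
#5  0xb7d2b7e8 in __chk_fail () from /lib/libc.so.6
#6  0xb7d2af0a in __strcpy_chk () from /lib/libc.so.6
#7  0x08049abc in example_caller (path=0xbffff3d0 "...") at example.c:42
#8  0x08048def in main (argc=2, argv=0xbffff4a4) at example.c:90
EOF
}

# Usage on a real system (assumed invocation):
#   capture_bt xv /path/to/icon.png | first_culprit_frame
```

A result naming `/usr/lib/libpng16.so.16` or `/usr/lib/libX11.so.6` points at that library; a source file or the `xv` binary points at xv itself.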