hellosiyan / Viewnior

Elegant Image Viewer
https://siyanpanayotov.com/project/viewnior/
GNU General Public License v3.0

Segfault when decoding JPEG2000 file #74

Closed dbrgn closed 4 years ago

dbrgn commented 4 years ago

When opening the JPEG2000 sample file from https://www.fnordware.com/j2k/jp2samples.html, viewnior crashes with a segfault (both the released version and git master).

relax.jp2.tar.gz

$ src/viewnior ~/Projects/jpeg-decoder/fuzz-afl/in/relax-jpeg2000.jp2
ICC Profile CS 52474220
viewnior: /build/jasper/src/jasper-version-2.0.16/src/libjasper/jp2/jp2_dec.c:308: jp2_decode: Assertion `dec->image->cmprof_' failed.
Aborted (core dumped)

I hope this is reproducible, if not I can provide a core dump.

dbrgn commented 4 years ago

Ah, I almost forgot, here's the trace from coredumpctl info:

                Stack trace of thread 1889:
                #0  0x00007f61d0771ce5 raise (libc.so.6 + 0x3bce5)
                #1  0x00007f61d075b857 abort (libc.so.6 + 0x25857)
                #2  0x00007f61d075b727 __assert_fail_base.cold (libc.so.6 + 0x25727)
                #3  0x00007f61d076a426 __assert_fail (libc.so.6 + 0x34426)
                #4  0x00007f61cddf391d jp2_decode (libjasper.so.4 + 0x2791d)
                #5  0x00007f61cdde7f3e jas_image_decode (libjasper.so.4 + 0x1bf3e)
                #6  0x00007f61cde9f251 n/a (libpixbufloader-jasper.so + 0x1251)
                #7  0x00007f61d129c35a gdk_pixbuf_animation_new_from_file (libgdk_pixbuf-2.0.so.0 + 0x1535a)
                #8  0x000055e990933642 n/a (/tmp/Viewnior/builddir/src/viewnior + 0x13642)
                #9  0x000055e99092fa49 n/a (/tmp/Viewnior/builddir/src/viewnior + 0xfa49)
                #10 0x00007f61d10acd5a g_closure_invoke (libgobject-2.0.so.0 + 0x31d5a)
                #11 0x00007f61d109a88e n/a (libgobject-2.0.so.0 + 0x1f88e)
                #12 0x00007f61d109e98a g_signal_emit_valist (libgobject-2.0.so.0 + 0x2398a)
                #13 0x00007f61d109f7f0 g_signal_emit (libgobject-2.0.so.0 + 0x247f0)
                #14 0x00007f61d17b0582 gtk_widget_realize (libgtk-x11-2.0.so.0 + 0x24f582)
                #15 0x00007f61d17bb005 n/a (libgtk-x11-2.0.so.0 + 0x25a005)
                #16 0x00007f61d10acd5a g_closure_invoke (libgobject-2.0.so.0 + 0x31d5a)
                #17 0x00007f61d109a9e4 n/a (libgobject-2.0.so.0 + 0x1f9e4)
                #18 0x00007f61d109e98a g_signal_emit_valist (libgobject-2.0.so.0 + 0x2398a)
                #19 0x00007f61d109f7f0 g_signal_emit (libgobject-2.0.so.0 + 0x247f0)
                #20 0x00007f61d17afcc8 gtk_widget_show (libgtk-x11-2.0.so.0 + 0x24ecc8)
                #21 0x000055e99092d28a n/a (/tmp/Viewnior/builddir/src/viewnior + 0xd28a)
                #22 0x00007f61d075d023 __libc_start_main (libc.so.6 + 0x27023)
                #23 0x000055e99092cb8e n/a (/tmp/Viewnior/builddir/src/viewnior + 0xcb8e)

Necklaces commented 4 years ago

This is due to jasper being unfinished (not supporting the whole JPEG2000 standard) and unmaintained (it also has unfixed CVEs). gdk-pixbuf does not ship with JPEG2000 support by default, but many distro package maintainers compile it in regardless. For example, Archlinux. This is therefore not a bug with Viewnior, but a bug with gdk-pixbuf.

This can be solved by installing jp2-pixbuf-loader, an alternative pixbuf loader that uses openjpeg2000 instead of jasper. It can also be installed via AUR if you're on Archlinux.
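The practical question the comment above raises is which loader module gdk-pixbuf will hand a JPEG 2000 file to on a given system, i.e. whether the libjasper-backed libpixbufloader-jasper.so from the trace is still registered. The script below is an added example, not code from this issue, from Viewnior or from gdk-pixbuf: it parses the loaders.cache file that gdk-pixbuf-query-loaders writes (the default path and the record layout it assumes are documented in the comments) and lists the modules that register a MIME type, with a constructed sample cache so it runs offline.

```shell
#!/bin/sh
# Added example, not code from the issue thread or from Viewnior/gdk-pixbuf.
# Reads a gdk-pixbuf loaders.cache (written by gdk-pixbuf-query-loaders; on
# Arch assumed to live at /usr/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache) and
# reports which loader module registers a MIME type, so you can tell whether
# the libjasper-backed JPEG 2000 loader from the crash is still installed.
# Record layout assumed here (as written by gdk-pixbuf-query-loaders):
#   "<module path>"
#   "<format>" <flags> "<domain>" "<description>" "<license>"
#   "<mime>" "<mime>" ... ""
#   "<ext>" ... ""
#   "<magic pattern>" "<mask>" <weight>   (one or more lines)

CACHE_DEFAULT=/usr/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache

# loaders_for_mime CACHE MIME
#   Print "<module path><TAB><format>" for each loader that registers MIME.
loaders_for_mime() {
    awk -v want="$2" '
        /^"\//     { module = $0; gsub(/"/, "", module); state = 1; next }
        state == 1 { fmt = $1; gsub(/"/, "", fmt); state = 2; next }
        state == 2 {
            # exact quoted match, so image/jp2 does not match image/jpeg2000
            if (index($0, "\"" want "\"") > 0) print module "\t" fmt
            state = 0
        }
    ' "$1"
}

# jasper_jp2_loaders CACHE
#   Print the module path of every image/jp2 loader whose module name marks
#   it as the jasper-based one (libpixbufloader-jasper.so in the trace).
jasper_jp2_loaders() {
    loaders_for_mime "$1" image/jp2 | cut -f1 | grep -i jasper
}

# write_sample_cache FILE
#   Write a constructed loaders.cache with one jasper JPEG 2000 loader and
#   one PNG loader (sample data for this example, not copied from a system).
write_sample_cache() {
    cat > "$1" <<'EOF'
# GdkPixbuf Image Loader Modules file
# LoaderDir = /usr/lib/gdk-pixbuf-2.0/2.10.0/loaders
#
"/usr/lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-jasper.so"
"jpeg2000" 0 "gdk-pixbuf" "The JPEG 2000 image format" "LGPL"
"image/jp2" "image/jpeg2000" "image/jpx" ""
"jp2" "jpc" "jpx" "j2k" "jpf" ""
"\000\000\000\014jP  \015\012\207\012" "" 100
"\377\117\377\121" "" 100

"/usr/lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so"
"png" 5 "gdk-pixbuf" "The PNG image format" "LGPL"
"image/png" ""
"png" ""
"\211PNG\r\n\032\n" "" 100

EOF
}

# Run on the constructed cache, then on the live system cache if present.
# On a system without a jasper loader the second part prints no module.
demo() {
    tmp=$(mktemp)
    write_sample_cache "$tmp"
    echo "sample cache, image/jp2 loaders:"
    loaders_for_mime "$tmp" image/jp2
    rm -f "$tmp"
    if [ -r "$CACHE_DEFAULT" ]; then
        echo "system cache, image/jp2 loaders:"
        loaders_for_mime "$CACHE_DEFAULT" image/jp2 || true
        jasper_jp2_loaders "$CACHE_DEFAULT" | while read -r mod; do
            echo "jasper-backed JPEG 2000 loader installed: $mod"
            # ldd confirms which decoder library the module actually links
            if [ -r "$mod" ]; then ldd "$mod" | grep -i jasper || true; fi
        done
    fi
}
demo
```

If the system cache lists a module with "jasper" in its name for image/jp2, any image viewer built on gdk-pixbuf (not only Viewnior) will route a .jp2 file into libjasper; after installing jp2-pixbuf-loader, rerun gdk-pixbuf-query-loaders and check that the image/jp2 entry now points at the OpenJPEG-based module instead.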

dbrgn commented 4 years ago

gdk-pixbuf does not ship with JPEG2000 support by default, but many distros package maintainers compile it in regardless. For example, Archlinux.

Hi, thanks for the information. It seems that jasper was dropped from the gdk-pixbuf2 Arch package a few weeks ago! https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/gdk-pixbuf2&id=71c56709635dbb3fd45ea5efd21125294def45a0

I can confirm that the current version of viewnior on Arch does not segfault anymore 🙂