pixiv / go-libjpeg

An implementation of Go binding for libjpeg (or libjpeg-turbo).
BSD 3-Clause "New" or "Revised" License

signal SIGSEGV: segmentation violation #51

Closed bayandin closed 5 years ago

bayandin commented 5 years ago

I'm playing with go-fuzz and have found a crash:

package main

import (
    "bytes"

    "github.com/pixiv/go-libjpeg/jpeg"
)

func main() {
    data := []byte("\xff\xd8\xff\xdb\x00C\x000000000000000" +
        "00000000000000000000" +
        "00000000000000000000" +
        "00000000000\xff\xc9\x00\v\b00\x000" +
        "\x01\x01\x14\x00\xff\xda\x00\b\x01\x010\x00?\x0000")
    jpeg.Decode(bytes.NewReader(data), &jpeg.DecoderOptions{})
}

fatal error: unexpected signal during runtime execution
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x7f321d858a60]

runtime stack:
runtime.throw(0x4d5feb, 0x2a)
    /usr/local/go/src/runtime/panic.go:617 +0x72
runtime.sigpanic()
    /usr/local/go/src/runtime/signal_unix.go:374 +0x4a9

goroutine 1 [syscall]:
runtime.cgocall(0x495f40, 0xc000040e60, 0x495f00)
    /usr/local/go/src/runtime/cgocall.go:128 +0x5b fp=0xc000040e30 sp=0xc000040df8 pc=0x405f7b
github.com/pixiv/go-libjpeg/jpeg._Cfunc_decode_gray(0x21257e0, 0xc0000a2000, 0x2000000040)
    _cgo_gotypes.go:678 +0x45 fp=0xc000040e60 sp=0xc000040e30 pc=0x490ec5
github.com/pixiv/go-libjpeg/jpeg.decodeGray.func3(0x21257e0, 0xc000040ef0, 0x20)
    /go/src/github.com/pixiv/go-libjpeg/jpeg/decompress.go:189 +0x96 fp=0xc000040ea8 sp=0xc000040e60 pc=0x493b96
github.com/pixiv/go-libjpeg/jpeg.decodeGray(0x21257e0, 0xc000096140, 0xc000040f48, 0xc000040f01)
    /go/src/github.com/pixiv/go-libjpeg/jpeg/decompress.go:189 +0xe1 fp=0xc000040ee8 sp=0xc000040ea8 pc=0x4920c1
github.com/pixiv/go-libjpeg/jpeg.Decode(0x4e9480, 0xc00007e1b0, 0xc000040f58, 0x0, 0x0, 0x0, 0x0)
    /go/src/github.com/pixiv/go-libjpeg/jpeg/decompress.go:164 +0x151 fp=0xc000040f20 sp=0xc000040ee8 pc=0x491e21
main.main()
    /go/test.go:15 +0xe4 fp=0xc000040f98 sp=0xc000040f20 pc=0x495634
runtime.main()
    /usr/local/go/src/runtime/proc.go:200 +0x20c fp=0xc000040fe0 sp=0xc000040f98 pc=0x42d82c
runtime.goexit()
    /usr/local/go/src/runtime/asm_amd64.s:1337 +0x1 fp=0xc000040fe8 sp=0xc000040fe0 pc=0x455351
exit status 2
go version go1.12.9 linux/amd64
libjpeg-turbo 2.0.2

harukasan commented 5 years ago

Thank you for your report. It will be fixed in #53.
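The trace above shows why a crash like this matters more in a cgo binding than in a pure-Go decoder: a SIGSEGV raised inside C code is reported by the runtime as a fatal error and takes the whole process down, with no panic to recover. One cheap mitigation a caller can put in front of any native decoder is a pure-Go walk over the JPEG marker segments that rejects input whose framing is inconsistent or incomplete before the bytes ever reach C. The following is an added example, not code from go-libjpeg or from the reporter; it generalizes beyond this one input to the marker grammar of ITU-T T.81 (segment lengths in bounds, SOF before SOS, standalone markers, stuffed bytes in scan data, EOI present). `ValidateJPEGStructure`, `skipScanData`, `segment`, `WellFormedSkeleton` and the error names are all hypothetical names chosen here. Run on the reproducer from the report, it returns `ErrTruncated` because the data ends two bytes into the scan with no EOI; that says nothing about where libjpeg faults, and a structural check is a gate, not a substitute for fuzzing the decoder or isolating it in its own process.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// JPEG marker codes used by the walker (ITU-T T.81, Table B.1).
const (
	mTEM  = 0x01 // temporary marker, standalone
	mSOF0 = 0xC0 // baseline DCT frame header
	mSOI  = 0xD8 // start of image
	mEOI  = 0xD9 // end of image
	mSOS  = 0xDA // start of scan
	mDQT  = 0xDB // define quantization table(s)
)

var (
	ErrNotJPEG   = errors.New("jpeg-check: missing SOI marker")
	ErrBadMarker = errors.New("jpeg-check: expected 0xFF marker prefix")
	ErrBadLength = errors.New("jpeg-check: segment length runs past end of data")
	ErrNoFrame   = errors.New("jpeg-check: SOS appears before any SOF header")
	ErrTruncated = errors.New("jpeg-check: data ends before EOI marker")
)

// isSOF reports whether m is one of the SOFn frame headers: 0xC0-0xCF,
// excluding DHT (0xC4), JPG (0xC8) and DAC (0xCC), which share that range.
func isSOF(m byte) bool {
	return m >= 0xC0 && m <= 0xCF && m != 0xC4 && m != 0xC8 && m != 0xCC
}

// isStandalone reports whether m carries no length field (TEM, RST0-RST7).
func isStandalone(m byte) bool {
	return m == mTEM || (m >= 0xD0 && m <= 0xD7)
}

// skipScanData advances past entropy-coded bytes starting at pos and returns
// the index of the 0xFF that begins the next real marker, or len(data) if the
// scan runs off the end. 0xFF00 is a stuffed data byte, 0xFFFF is fill, and
// RSTn markers stay inside the scan, so none of those end it.
func skipScanData(data []byte, pos int) int {
	for pos+1 < len(data) {
		if data[pos] == 0xFF {
			next := data[pos+1]
			if next != 0x00 && next != 0xFF && !(next >= 0xD0 && next <= 0xD7) {
				return pos
			}
		}
		pos++
	}
	return len(data)
}

// ValidateJPEGStructure walks the marker segments of data and returns an
// error when the segment framing is inconsistent or the file is incomplete.
// It decodes nothing; it is a cheap, pure-Go gate in front of a native decoder.
func ValidateJPEGStructure(data []byte) error {
	if len(data) < 2 || data[0] != 0xFF || data[1] != mSOI {
		return ErrNotJPEG
	}
	pos := 2
	sawFrame := false
	for {
		if pos >= len(data) {
			return ErrTruncated
		}
		if data[pos] != 0xFF {
			return ErrBadMarker
		}
		// Any number of 0xFF fill bytes may precede the marker code itself.
		for pos < len(data) && data[pos] == 0xFF {
			pos++
		}
		if pos >= len(data) {
			return ErrTruncated
		}
		marker := data[pos]
		pos++
		if marker == mEOI {
			return nil
		}
		if isStandalone(marker) {
			continue
		}
		if pos+2 > len(data) {
			return ErrBadLength
		}
		// The 16-bit length counts itself plus the payload, so it is at least 2.
		segLen := int(binary.BigEndian.Uint16(data[pos:]))
		if segLen < 2 || pos+segLen > len(data) {
			return ErrBadLength
		}
		if isSOF(marker) {
			sawFrame = true
		}
		pos += segLen
		if marker == mSOS {
			if !sawFrame {
				return ErrNoFrame
			}
			pos = skipScanData(data, pos)
		}
	}
}

// segment builds one marker segment: 0xFF, marker, 16-bit length, payload.
func segment(marker byte, payload []byte) []byte {
	seg := []byte{0xFF, marker, 0, 0}
	binary.BigEndian.PutUint16(seg[2:], uint16(len(payload)+2))
	return append(seg, payload...)
}

// Reproducer is the go-fuzz input from the report above, copied verbatim.
var Reproducer = []byte("\xff\xd8\xff\xdb\x00C\x000000000000000" +
	"00000000000000000000" +
	"00000000000000000000" +
	"00000000000\xff\xc9\x00\v\b00\x000" +
	"\x01\x01\x14\x00\xff\xda\x00\b\x01\x010\x00?\x0000")

// WellFormedSkeleton is a constructed input with consistent framing: SOI, a
// DQT, a baseline SOF0 for a 1x1 single-component image, an SOS, scan data
// containing a stuffed 0xFF00, and EOI. It is framing-valid, not a real image.
func WellFormedSkeleton() []byte {
	img := []byte{0xFF, mSOI}
	img = append(img, segment(mDQT, make([]byte, 65))...)
	img = append(img, segment(mSOF0, []byte{8, 0, 1, 0, 1, 1, 1, 0x11, 0})...)
	img = append(img, segment(mSOS, []byte{1, 1, 0x00, 0, 63, 0})...)
	img = append(img, 0xFF, 0x00, 0x5A) // stuffed 0xFF, then one data byte
	return append(img, 0xFF, mEOI)
}

func main() {
	fmt.Println("reproducer:", ValidateJPEGStructure(Reproducer))
	fmt.Println("skeleton:  ", ValidateJPEGStructure(WellFormedSkeleton()))
}
```

The check is deliberately shallow: it never inspects table contents, component ids or sampling factors, so it will pass inputs the decoder still rejects (or, as here, might still mishandle). Its value is that it is cheap, allocation-free and written in memory-safe Go, so whatever it rejects never reaches the C side at all.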