pts / sam2p

raster (bitmap) image converter with smart PDF and PostScript (EPS) output
http://pts.50.hu/sam2p/
GNU General Public License v2.0

Broken Pipe in Sam2p at gensio.cpp:563 #75

Closed Ngiong closed 2 years ago

Ngiong commented 3 years ago

Hello, we are currently working on a new fuzz testing feature, and we found a crash in sam2p.

Steps to Reproduce

We used CXXFLAGS="-g -O0" ./configure to configure sam2p, built it using make, and ran it with:

./sam2p <attached_file> JPEG: -c:jpeg PDF:

Attachment: poc_0003.txt

Environment

Additional context

Here's the stack trace: stack_trace_0003.txt

Program received signal SIGPIPE, Broken pipe.
0x00007ffff776b264 in __GI___libc_write (fd=5, buf=0x555555803510, nbytes=4096) at ../sysdeps/unix/sysv/linux/write.c:27
27  ../sysdeps/unix/sysv/linux/write.c: No such file or directory.
#0  0x00007ffff776b264 in __GI___libc_write (fd=5, buf=0x555555803510, nbytes=4096) at ../sysdeps/unix/sysv/linux/write.c:27
#1  0x00007ffff76e622d in _IO_new_file_write (f=0x5555557ea600, data=0x555555803510, n=4096) at fileops.c:1203
#2  0x00007ffff76e7fc1 in new_do_write (to_do=4096, data=0x555555803510 "", fp=0x5555557ea600) at fileops.c:457
#3  _IO_new_do_write (fp=0x5555557ea600, data=0x555555803510 "", to_do=4096) at fileops.c:433
#4  0x00007ffff76e6a5d in _IO_new_file_xsputn (f=0x5555557ea600, data=<optimized out>, n=16384) at fileops.c:1266
#5  0x00007ffff76da9e7 in __GI__IO_fwrite (buf=0x7fffdb8b2010, size=1, count=16384, fp=0x5555557ea600) at iofwrite.c:39
#6  0x00005555555a0d97 in Filter::PipeE::vi_write (this=0x5555557ea198, buf=0x7fffdb8b2010 "", len=327091190) at gensio.cpp:563
#7  0x000055555558502f in CjpegEncode::vi_write (this=0x5555557ea190, buf=0x7fffdb8a2010 "", len=327156726) at encoder.cpp:1046
#8  0x000055555557b7b0 in Rule::writeData (outstream=..., sf=0x7fffffffdd00) at rule.cpp:727
#9  0x000055555557b867 in Rule::writePalData (outpal=..., outstream=..., sf=0x7fffffffdd00) at rule.cpp:735
#10 0x00005555555645c0 in out_jpeg_work (out=..., or_=0x5555557fe8f0, sf=0x7fffffffdd00) at appliers.cpp:1006
#11 0x000055555557b52d in Rule::applyProfile (out=..., rule_list=0x5555557fe7f0, sf=0x7fffffffdd00) at rule.cpp:680
#12 0x000055555555fe93 in run_sam2p_engine (sout=..., serr=..., argv1=0x7fffffffdef0, helpp=false) at sam2p_main.cpp:1079
#13 0x0000555555560512 in main (argv=0x7fffffffdee8) at sam2p_main.cpp:1148

Thank you.
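
The trace above ends in a write() reached through fwrite() from Filter::PipeE::vi_write, and the signal delivered is SIGPIPE. The following is an added example, not sam2p's code and not part of the original report: it reproduces that failure mode on a constructed pipe whose reader is gone, with SIGPIPE ignored so that fwrite() fails with EPIPE and the writer can stop and report the error. The names write_chunked and demo_reader_gone are hypothetical.

```cpp
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

// Write len bytes to a pipe-backed stdio stream in 16 KiB chunks (the fwrite
// count seen in frame #5). Returns 0 on success, otherwise the errno value.
static int write_chunked(FILE *f, const char *buf, size_t len) {
    while (len > 0) {
        size_t n = len < 16384 ? len : 16384;
        errno = 0;
        size_t got = fwrite(buf, 1, n, f);
        if (got != n) return errno ? errno : EIO;  // short write: stop and report
        buf += got;
        len -= got;
    }
    return fflush(f) == 0 ? 0 : errno;
}

// Constructed scenario: the read end is closed before the writer starts,
// standing in for a pipe reader that has gone away.
int demo_reader_gone() {
    static char data[65536];  // constructed payload, all zero bytes
    int fds[2];
    if (pipe(fds) != 0) return -1;
    struct sigaction ign, old;
    memset(&ign, 0, sizeof ign);
    ign.sa_handler = SIG_IGN;  // the write now fails with EPIPE instead of killing us
    sigemptyset(&ign.sa_mask);
    sigaction(SIGPIPE, &ign, &old);
    close(fds[0]);
    FILE *f = fdopen(fds[1], "wb");
    int rc = f ? write_chunked(f, data, sizeof data) : errno;
    if (f) fclose(f); else close(fds[1]);  // a failing final flush is fine, rc is set
    sigaction(SIGPIPE, &old, NULL);        // restore the caller's disposition
    return rc;
}

int main() {
    int rc = demo_reader_gone();
    printf("write result: %s\n", rc ? strerror(rc) : "ok");
    return rc == EPIPE ? 0 : 1;
}
```

With the default SIGPIPE disposition the same write terminates the process, which is what the debugger session above shows.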