tjko / jpegoptim

jpegoptim - utility to optimize/compress JPEG files
http://www.iki.fi/tjko/projects.html
GNU General Public License v3.0

SEGV error in optimize, jpegoptim.c:632 #118

Closed waugustus closed 1 year ago

waugustus commented 1 year ago

Hi,

There is a SEGV error in optimize, jpegoptim.c:632, as shown below.

$ CFLAGS="-g -fsanitize=address -fno-omit-frame-pointer" CXXFLAGS="-g -fsanitize=address -fno-omit-frame-pointer" ./configure --prefix=$PWD/build_asan --disable-shared
$ build_asan/bin/jpegoptim poc
poc AddressSanitizer:DEADLYSIGNAL
=================================================================
==131697==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f2f332ea2a7 bp 0x7ffdaec461c0 sp 0x7ffdaec45850 T0)
==131697==The signal is caused by a READ memory access.
==131697==Hint: address points to the zero page.
    #0 0x7f2f332ea2a6  (/lib/x86_64-linux-gnu/libjpeg.so.8+0x202a6)
    #1 0x7f2f332eacb6  (/lib/x86_64-linux-gnu/libjpeg.so.8+0x20cb6)
    #2 0x7f2f332e8fce  (/lib/x86_64-linux-gnu/libjpeg.so.8+0x1efce)
    #3 0x7f2f332e0f2e in jpeg_consume_input (/lib/x86_64-linux-gnu/libjpeg.so.8+0x16f2e)
    #4 0x7f2f332e11b1 in jpeg_read_header (/lib/x86_64-linux-gnu/libjpeg.so.8+0x171b1)
    #5 0x556a29b983c6 in optimize /root/programs_latest/jpegoptim/jpegoptim.c:632
    #6 0x556a29b9c7bb in main /root/programs_latest/jpegoptim/jpegoptim.c:1320
    #7 0x7f2f330fc082 in __libc_start_main ../csu/libc-start.c:308
    #8 0x556a29b95ccd in _start (/root/programs_latest/jpegoptim/build_asan/bin/jpegoptim+0x7ccd)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libjpeg.so.8+0x202a6) 
==131697==ABORTING

poc.zip

Affected version: jpegoptim 1.5.0 and the master branch b922c2745a69accfc2f59d9d98ba9aef8972d541 (Fri Nov 11 19:17:31 2022 -0800)

Environment:

$ cat /etc/issue
Ubuntu 20.04.5 LTS \n \l

Additional information: It seems that the crash occurred in libjpeg.so.8. Since it is the default version of libjpeg in Ubuntu 18.04, 20.04, etc., I think this crash may have a wider impact. A simple fix might be to limit the old version of libjpeg in configure.

tjko commented 1 year ago

This seems to be an issue with the "libjpeg" library used. No indication this is an issue in jpegoptim itself (?)
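The attribution above can be read straight off the sanitizer trace: frame #0 is inside libjpeg.so.8 and jpegoptim only appears further up the stack at the jpeg_read_header call site. The following added triage script (not part of jpegoptim or of this thread) automates that check over an abridged copy of the report posted in this issue; the function names are my own.

```shell
#!/bin/sh
# Added example (not part of jpegoptim): triage an ASan report by attributing the
# faulting frame to a module and locating the first frame in the project's own source.

# Constructed sample input: an abridged copy of the report posted in this issue.
ASAN_REPORT=$(cat <<'EOF'
==131697==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000
    #0 0x7f2f332ea2a6  (/lib/x86_64-linux-gnu/libjpeg.so.8+0x202a6)
    #1 0x7f2f332eacb6  (/lib/x86_64-linux-gnu/libjpeg.so.8+0x20cb6)
    #3 0x7f2f332e0f2e in jpeg_consume_input (/lib/x86_64-linux-gnu/libjpeg.so.8+0x16f2e)
    #4 0x7f2f332e11b1 in jpeg_read_header (/lib/x86_64-linux-gnu/libjpeg.so.8+0x171b1)
    #5 0x556a29b983c6 in optimize /root/programs_latest/jpegoptim/jpegoptim.c:632
    #6 0x556a29b9c7bb in main /root/programs_latest/jpegoptim/jpegoptim.c:1320
    #8 0x556a29b95ccd in _start (/root/programs_latest/jpegoptim/build_asan/bin/jpegoptim+0x7ccd)
EOF
)

# Print the file name (shared object or source file) that owns frame number $2 of report $1.
asan_frame_module() {
    printf '%s\n' "$1" | awk -v want="#$2" '
        $1 == want {
            loc = ($3 == "in") ? $NF : $3   # symbolised frames put the location last
            gsub(/^\(|\)$/, "", loc)        # strip the parentheses ASan puts around modules
            sub(/\+0x[0-9a-f]+$/, "", loc)  # drop the load offset inside the module
            sub(/:[0-9]+$/, "", loc)        # drop the line number of a source location
            n = split(loc, parts, "/"); print parts[n]; exit
        }'
}

# Print "function file:line" for the first frame whose location contains $2 (e.g. a
# project source file name); empty output means no project frame appears in the trace.
asan_first_project_frame() {
    printf '%s\n' "$1" | awk -v pat="$2" '
        /^[[:space:]]*#[0-9]+ / && $3 == "in" && index($NF, pat) > 0 {
            n = split($NF, parts, "/"); print $4, parts[n]; exit
        }'
}

# Summary for the embedded report: faulting module vs. where the project called into it.
echo "frame #0 lies in: $(asan_frame_module "$ASAN_REPORT" 0)"
echo "first project frame: $(asan_first_project_frame "$ASAN_REPORT" jpegoptim.c)"
```

A faulting frame in a system library with the project only appearing at a library call site points at the library (or at the bytes handed to it), which is the distinction this thread turns on.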

tjko commented 1 year ago

I was unable to reproduce with the latest version (from master branch) using the latest libjpeg version "9e".

Can you still reproduce with the latest version?

waugustus commented 1 year ago

Hi, I have confirmed that this bug cannot be reproduced in commit https://github.com/tjko/jpegoptim/commit/3401f250ace692a5b23eac1617dc429eb3566f9f. Thanks for your fix.