SEGV in optimize, jpegoptim.c:1055 (without invoking libjpeg)

[waugustus]

Hi,

There is a SEGV error in optimize, jpegoptim.c:1055, as shown as follows.

$ CFLAGS="-g -fsanitize=address -fno-omit-frame-pointer" CXXFLAGS="-g -fsanitize=address -fno-omit-frame-pointer" ./configure --prefix=$PWD/build_asan --disable-shared
$ build_asan/bin/jpegoptim --stdout poc
poc 32x32 24bit N  [OK] 413 --> 413 bytes (0.00%), skipped.
AddressSanitizer:DEADLYSIGNAL
=================================================================
==131707==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fc3a0d9901e bp 0x000000000d68 sp 0x7ffeb7d30440 T0)
==131707==The signal is caused by a READ memory access.
==131707==Hint: address points to the zero page.
    #0 0x7fc3a0d9901d in __GI__IO_default_xsputn /build/glibc-SzIz7B/glibc-2.31/libio/genops.c:399
    #1 0x7fc3a0d9901d in __GI__IO_default_xsputn /build/glibc-SzIz7B/glibc-2.31/libio/genops.c:370
    #2 0x7fc3a0d966f9 in _IO_new_file_xsputn /build/glibc-SzIz7B/glibc-2.31/libio/fileops.c:1265
    #3 0x7fc3a0d966f9 in _IO_new_file_xsputn /build/glibc-SzIz7B/glibc-2.31/libio/fileops.c:1197
    #4 0x7fc3a0d8a3c0 in __GI__IO_fwrite /build/glibc-SzIz7B/glibc-2.31/libio/iofwrite.c:39
    #5 0x7fc3a1137055 in __interceptor_fwrite ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1102
    #6 0x55c8474280f8 in optimize /root/programs_latest/jpegoptim/jpegoptim.c:1055
    #7 0x55c8474297bb in main /root/programs_latest/jpegoptim/jpegoptim.c:1320
    #8 0x7fc3a0d2b082 in __libc_start_main ../csu/libc-start.c:308
    #9 0x55c847422ccd in _start (/root/programs_latest/jpegoptim/build_asan/bin/jpegoptim+0x7ccd)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /build/glibc-SzIz7B/glibc-2.31/libio/genops.c:399 in __GI__IO_default_xsputn
==131707==ABORTING

poc.zip

Affected version: jpegoptim 1.5.0 and the master branch b922c2745a69accfc2f59d9d98ba9aef8972d541 (Fri Nov 11 19:17:31 2022 -0800)

Environment:

$ cat /etc/issue
Ubuntu 20.04.5 LTS \n \l

Additional information:

[tjko]

@waugustus, thanks!

This should now be fixed with change: 8d6fdb02a1d7cdbc4bec96407b28fd1703bf94f3