You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
time ago I found multiple crashes on jasper. I didn't know where to post the bugs since the development seems dead, so I just informed the community on oss-security.
Now I discovered that the development is still active, here the details:
# imginfo $FILE
==15555==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f02a9c081ee bp 0x7ffd1e22e110 sp 0x7ffd1e22dde0 T0)
#0 0x7f02a9c081ed in bmp_getdata /tmp/jasper-version-1.900.3/src/libjasper/bmp/bmp_dec.c:383:5
#1 0x7f02a9c081ed in bmp_decode /tmp/jasper-version-1.900.3/src/libjasper/bmp/bmp_dec.c:190
#2 0x7f02a9bd4a9a in jas_image_decode /tmp/jasper-version-1.900.3/src/libjasper/base/jas_image.c:372:16
#3 0x4f11bd in main /tmp/jasper-version-1.900.3/src/appl/imginfo.c:179:16
#4 0x7f02a8cec61f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.22-r4/work/glibc-2.22/csu/libc-start.c:289
#5 0x418bc8 in _start (/tmp/jasper-version-1.900.3/src/appl/.libs/imginfo+0x418bc8)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /tmp/jasper-version-1.900.3/src/libjasper/bmp/bmp_dec.c:383:5 in bmp_getdata
==15555==ABORTING
Tested against the latest 1.900.3
Testcase: 10.crash.zip
The text was updated successfully, but these errors were encountered:
Hello,
time ago I found multiple crashes on jasper. I didn't know where to post the bugs since the development seems dead, so I just informed the community on oss-security.
Now I discovered that the development is still active, here the details:
Tested against the latest 1.900.3
Testcase:
10.crash.zip
The text was updated successfully, but these errors were encountered: