Segfault in seejpeg 1.10

From: Patryk Chmielewski (argvat_private)
Date: Sat Nov 10 2001 - 12:35:38 PST

Next message: Rob Salmond: "Re: Infected jpeg files?"

Previous message: Samu: "Re: luser beeing able to kill random root owned procs (linux 2.2.20) ?"
Next in thread: Giuseppe Dani: "Re: Segfault in seejpeg 1.10"
Reply: Giuseppe Dani: "Re: Segfault in seejpeg 1.10"
Reply: TripleDES: "Re: Segfault in seejpeg 1.10"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I found bug in seejpeg 1.10 but i think it's not expolitable.  Let's see:
(my seejpeg don't have suid and i'm showing this bug running seejpeg at root)


My temporary dir is empty:
root@jaskinia:/tmp$ ls
root@jaskinia:/tmp$

Next we must create some empty files:
root@jaskinia:/tmp$ touch fuj
root@jaskinia:/tmp$ touch ble
root@jaskinia:/tmp$ touch chakiery_z_polzki
root@jaskinia:/tmp$

And main part:

root@jaskinia:/tmp# seejpeg *
[many '\n' :)]
Empty input file

svgalib: Signal 11: Segmentation fault received.
Segmentation fault (core dumped)
root@jaskinia:/tmp#

My OS:
argv@jaskinia:~$ uname -a
Linux jaskinia 2.2.20 #1 Sat Nov 3 22:18:56 CET 2001 i686 unknown
argv@jaskinia:~$
argv@jaskinia:~$ cat /etc/slackware-version
8.0.0 (åtta)
argv@jaskinia:~$

What do you think about this?
Can you reproduce this on your machines?

-- 
-=[  Patryk Chmielewski   -> :: <-   argvat_private  ]=-
-=[   ******      http://argv.jaskinia.eu.org     ******   ]=-
-=[ "If you lie to the compiler, it will get its revenge." ]=-

Next message: Rob Salmond: "Re: Infected jpeg files?"
Previous message: Samu: "Re: luser beeing able to kill random root owned procs (linux 2.2.20) ?"
Next in thread: Giuseppe Dani: "Re: Segfault in seejpeg 1.10"
Reply: Giuseppe Dani: "Re: Segfault in seejpeg 1.10"
Reply: TripleDES: "Re: Segfault in seejpeg 1.10"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Nov 10 2001 - 13:33:58 PST