Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 21 Oct 2016 17:07:22 +0200
From: Agostino Sarubbo <>
Subject: Re: potrace: memory allocation failure

On Saturday 08 October 2016 22:30:54 Agostino Sarubbo wrote:
> A crafted image, through a fuzz testing, causes the memory allocation to
> fail.
> This is the first case where my ASan symbolyzer didn’t start up correctly.
> I’m  reporting only what it prints at the end (not useful at all but
> demostrates a bit that the issue exist)

I worked on it and now I'm able to get the full stacktrace, which has been 
updated on the post.

For completeness I'm pasting the interesting trace here:

   #9 0x500bcb in bm_new /tmp/portage/media-
    #10 0x500bcb in bm_readbody_bmp /tmp/portage/media-
    #11 0x500bcb in bm_read /tmp/portage/media-
    #12 0x4f8608 in process_file /tmp/portage/media-
    #13 0x4f5904 in main /tmp/portage/media-
    #14 0x7f167735c61f in __libc_start_main /var/tmp/portage/sys-
    #15 0x4190b8 in getenv (/usr/bin/potrace+0x4190b8)


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ