Ubuntu
exactimage package

bardecode crashes with buffer overflow

Bug #1425472 reported by scruss on 2015-02-25

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	exactimage (Debian)	Fix Released	Undecided	Unassigned
	exactimage (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

1. Ubuntu Release:

Description: Ubuntu 14.10
Release: 14.10

2. Package:

    exactimage:
      Installed: 0.8.9-6build1
      Candidate: 0.8.9-6build1
      Version table:
     *** 0.8.9-6build1 0
            500 http://ca.archive.ubuntu.com/ubuntu/ utopic/universe amd64 Packages
            100 /var/lib/dpkg/status

3. Expected Result:

$ bardecode example_barcode-bw.png
CTO72NBT011405070025 [type: code128 at: (49,56)]

4. Actual Result:

    $ bardecode example_barcode-bw.png
    *** buffer overflow detected ***: bardecode terminated
    ======= Backtrace: =========
    /lib/x86_64-linux-gnu/libc.so.x86_64-linux-gnu/libc.so.x86_64-linux-gnu/libc.so.x86_64-linux-gnu/libc.so.x86_64-linux-gnu/libc.so.x86_64-linux-gnu/libc.so.x86_64-linux-gnu/libc.so.x86_64-linux-gnu/libc.so.0x47d067]
    bardecode[0x47eab9]
    bardecode[0x40e0aa]
    bardecode[0x40b5bf]
    /lib/x86_64-linux-gnu/libc.so.0x40d5a7]
    ======= Memory map: ========
    00400000-004b6000 r-xp 00000000 08:06 18759695     006b5000-006bc000 r--p 000b5000 08:06 18759695     006bc000-006bd000 rw-p 000bc000 08:06 18759695     006bd000-00750000 rw-p 00000000 00:00 0
    01b80000-01ba1000 rw-p 00000000 00:00 0     7fe23e8c3000-7fe23e8c6000 r-xp 00000000 08:06 6692076     7fe23e8c6000-7fe23eac5000 ---p 00003000 08:06 6692076     7fe23eac5000-7fe23eac6000 r--p 00002000 08:06 6692076     7fe23eac6000-7fe23eac7000 rw-p 00003000 08:06 6692076     7fe23eac7000-7fe23eacc000 r-xp 00000000 08:06 18749919     7fe23eacc000-7fe23eccc000 ---p 00005000 08:06 18749919     7fe23eccc000-7fe23eccd000 r--p 00005000 08:06 18749919     7fe23eccd000-7fe23ecce000 rw-p 00006000 08:06 18749919     7fe23ecce000-7fe23ecd9000 r-xp 00000000 08:06 18743973     7fe23ecd9000-7fe23eed8000 ---p 0000b000 08:06 18743973     7fe23eed8000-7fe23eed9000 r--p 0000a000 08:06 18743973     7fe23eed9000-7fe23eedc000 rw-p 0000b000 08:06 18743973     7fe23eedc000-7fe23eefd000 r-xp 00000000 08:06 6690293     7fe23eefd000-7fe23f0fc000 ---p 00021000 08:06 6690293     7fe23f0fc000-7fe23f0fd000 r--p 00020000 08:06 6690293     7fe23f0fd000-7fe23f0fe000 rw-p 00021000 08:06 6690293     7fe23f0fe000-7fe23f114000 r-xp 00000000 08:06 18743474     7fe23f114000-7fe23f313000 ---p 00016000 08:06 18743474     7fe23f313000-7fe23f314000 r--p 00015000 08:06 18743474     7fe23f314000-7fe23f315000 rw-p 00016000 08:06 18743474     7fe23f315000-7fe23f33b000 r-xp 00000000 08:06 6689081     7fe23f33b000-7fe23f53a000 ---p 00026000 08:06 6689081     7fe23f53a000-7fe23f53d000 r--p 00025000 08:06 6689081     7fe23f53d000-7fe23f53e000 rw-p 00028000 08:06 6689081     7fe23f53e000-7fe23f558000 r-xp 00000000 08:06 18751811     7fe23f558000-7fe23f757000 ---p 0001a000 08:06 18751811     7fe23f757000-7fe23f75b000 r--p 00019000 08:06 18751811     7fe23f75b000-7fe23f75c000 rw-p 0001d000 08:06 18751811     7fe23f75c000-7fe23f79e000 r-xp 00000000 08:06 18749917     7fe23f79e000-7fe23f99d000 ---p 00042000 08:06 18749917     7fe23f99d000-7fe23f99e000 r--p 00041000 08:06 18749917     7fe23f99e000-7fe23f99f000 rw-p 00042000 08:06 18749917     7fe23f99f000-7fe23f9b7000 r-xp 00000000 08:06 6691441     7fe23f9b7000-7fe23fbb6000 ---p 00018000 08:06 6691441     7fe23fbb6000-7fe23fbb7000 r--p 00017000 08:06 6691441     7fe23fbb7000-7fe23fbb8000 rw-p 00018000 08:06 6691441     7fe23fbb8000-7fe23fc64000 r-xp 00000000 08:06 18747885     7fe23fc64000-7fe23fe63000 ---p 000ac000 08:06 18747885     7fe23fe63000-7fe23fe66000 r--p 000ab000 08:06 18747885     7fe23fe66000-7fe23fe67000 rw-p 000ae000 08:06 18747885     7fe23fe67000-7fe23feb3000 r-xp 00000000 08:06 18749803     7fe23feb3000-7fe2400b2000 ---p 0004c000 08:06 18749803     7fe2400b2000-7fe2400b3000 r--p 0004b000 08:06 18749803     7fe2400b3000-7fe2400b7000 rw-p 0004c000 08:06 18749803     7fe2400b7000-7fe2400be000 rw-p 00000000 00:00 0
    7fe2400be000-7fe2400c6000 r-xp 00000000 08:06 18752051     7fe2400c6000-7fe2402c5000 ---p 00008000 08:06 18752051     7fe2402c5000-7fe2402c6000 r--p 00007000 08:06 18752051     7fe2402c6000-7fe2402c7000 rw-p 00008000 08:06 18752051     7fe2402c7000-7fe2402ec000 r-xp 00000000 08:06 6684764     7fe2402ec000-7fe2404eb000 ---p 00025000 08:06 6684764     7fe2404eb000-7fe2404ec000 r--p 00024000 08:06 6684764     7fe2404ec000-7fe2404ed000 rw-p 00025000 08:06 6684764     7fe2404ed000-7fe24055c000 r-xp 00000000 08:06 18745941     7fe24055c000-7fe24075c000 ---p 0006f000 08:06 18745941     7fe24075c000-7fe24075d000 r--p 0006f000 08:06 18745941     7fe24075d000-7fe240760000 rw-p 00070000 08:06 18745941     7fe240760000-7fe2407a3000 r-xp 00000000 08:06 18747207     7fe2407a3000-7fe2409a3000 ---p 00043000 08:06 18747207     7fe2409a3000-7fe2409a4000 r--p 00043000 08:06 18747207     7fe2409a4000-7fe2409a5000 rw-p 00044000 08:06 18747207     7fe2409a5000-7fe2409b5000 rw-p 00000000 00:00 0
    7fe2409b5000-7fe240b6f000 r-xp 00000000 08:06 6692216     7fe240b6f000-7fe240d6f000 ---p 001ba000 08:06 6692216     7fe240d6f000-7fe240d73000 r--p 001ba000 08:06 6692216     7fe240d73000-7fe240d75000 rw-p 001be000 08:06 6692216     7fe240d75000-7fe240d7a000 rw-p 00000000 00:00 0
    7fe240d7a000-7fe240d93000 r-xp 00000000 08:06 6693655     7fe240d93000-7fe240f92000 ---p 00019000 08:06 6693655     7fe240f92000-7fe240f93000 r--p 00018000 08:06 6693655     7fe240f93000-7fe240f94000 rw-p 00019000 08:06 6693655     7fe240f94000-7fe240f98000 rw-p 00000000 00:00 0
    7fe240f98000-7fe240fae000 r-xp 00000000 08:06 6684776     7fe240fae000-7fe2411ad000 ---p 00016000 08:06 6684776     7fe2411ad000-7fe2411ae000 r--p 00015000 08:06 6684776     7fe2411ae000-7fe2411af000 rw-p 00016000 08:06 6684776     7fe2411af000-7fe2412b4000 r-xp 00000000 08:06 6692172     7fe2412b4000-7fe2414b3000 ---p 00105000 08:06 6692172     7fe2414b3000-7fe2414b4000 r--p 00104000 08:06 6692172     7fe2414b4000-7fe2414b5000 rw-p 00105000 08:06 6692172     7fe2414b5000-7fe2415a5000 r-xp 00000000 08:06 18743636     7fe2415a5000-7fe2417a5000 ---p 000f0000 08:06 18743636     7fe2417a5000-7fe2417ad000 r--p 000f0000 08:06 18743636     7fe2417ad000-7fe2417af000 rw-p 000f8000 08:06 18743636     7fe2417af000-7fe2417c4000 rw-p 00000000 00:00 0
    7fe2417c4000-7fe241866000 r-xp 00000000 08:06 18750140     7fe241866000-7fe241a65000 ---p 000a2000 08:06 18750140     7fe241a65000-7fe241a6b000 r--p 000a1000 08:06 18750140     7fe241a6b000-7fe241a6c000 rw-p 000a7000 08:06 18750140     7fe241a6c000-7fe241a8f000 r-xp 00000000 08:06 6692035     7fe241c3f000-7fe241c4c000 rw-p 00000000 00:00 0
    7fe241c8b000-7fe241c8e000 rw-p 00000000 00:00 0
    7fe241c8e000-7fe241c8f000 r--p 00022000 08:06 6692035     7fe241c8f000-7fe241c90000 rw-p 00023000 08:06 6692035     7fe241c90000-7fe241c91000 rw-p 00000000 00:00 0
    7fff798af000-7fff798d5000 rw-p 00000000 00:00 0     7fff79938000-7fff7993a000 r-xp 00000000 00:00 0     7fff7993a000-7fff7993c000 r--p 00000000 00:00 0     ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0     Aborted (core dumped) />6(+0x78aff)[0x7fe240a2daff]
/>6(__fortify_fail+0x5c)[0x7fe240ac160c]
/>6(+0x10a660)[0x7fe240abf660]
/>6(+0x109b69)[0x7fe240abeb69]
/>6(_IO_default_xsputn+0xbc)[0x7fe240a3118c]
/>6(_IO_vfprintf+0xadf)[0x7fe2409ff8cf]
/>6(__vsprintf_chk+0x84)[0x7fe240abebf4]
/>6(__sprintf_chk+0x7d)[0x7fe240abeb4d]
/>6(__libc_start_main+0xf5)[0x7fe2409d6ec5]
/usr/bin/bardecode
/usr/bin/bardecode
/usr/bin/bardecode
[heap]
/lib/x86_64-linux-gnu/libdl-2.19.so
/lib/x86_64-linux-gnu/libdl-2.19.so
/lib/x86_64-linux-gnu/libdl-2.19.so
/lib/x86_64-linux-gnu/libdl-2.19.so
/usr/lib/x86_64-linux-gnu/libIlmThread.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIlmThread.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIlmThread.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIlmThread.so.6.0.0
/usr/lib/x86_64-linux-gnu/libjbig.so.0
/usr/lib/x86_64-linux-gnu/libjbig.so.0
/usr/lib/x86_64-linux-gnu/libjbig.so.0
/usr/lib/x86_64-linux-gnu/libjbig.so.0
/lib/x86_64-linux-gnu/liblzma.so.5.0.0
/lib/x86_64-linux-gnu/liblzma.so.5.0.0
/lib/x86_64-linux-gnu/liblzma.so.5.0.0
/lib/x86_64-linux-gnu/liblzma.so.5.0.0
/usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0
/usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0
/usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0
/usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0
/lib/x86_64-linux-gnu/libexpat.so.1.6.0
/lib/x86_64-linux-gnu/libexpat.so.1.6.0
/lib/x86_64-linux-gnu/libexpat.so.1.6.0
/lib/x86_64-linux-gnu/libexpat.so.1.6.0
/usr/lib/x86_64-linux-gnu/libIex.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIex.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIex.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIex.so.6.0.0
/usr/lib/x86_64-linux-gnu/libHalf.so.6.0.0
/usr/lib/x86_64-linux-gnu/libHalf.so.6.0.0
/usr/lib/x86_64-linux-gnu/libHalf.so.6.0.0
/usr/lib/x86_64-linux-gnu/libHalf.so.6.0.0
/lib/x86_64-linux-gnu/libz.so.1.2.8
/lib/x86_64-linux-gnu/libz.so.1.2.8
/lib/x86_64-linux-gnu/libz.so.1.2.8
/lib/x86_64-linux-gnu/libz.so.1.2.8
/usr/lib/x86_64-linux-gnu/libIlmImf.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIlmImf.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIlmImf.so.6.0.0
/usr/lib/x86_64-linux-gnu/libIlmImf.so.6.0.0
/usr/lib/x86_64-linux-gnu/libjasper.so.1.0.0
/usr/lib/x86_64-linux-gnu/libjasper.so.1.0.0
/usr/lib/x86_64-linux-gnu/libjasper.so.1.0.0
/usr/lib/x86_64-linux-gnu/libjasper.so.1.0.0
/usr/lib/x86_64-linux-gnu/libgif.so.4.1.6
/usr/lib/x86_64-linux-gnu/libgif.so.4.1.6
/usr/lib/x86_64-linux-gnu/libgif.so.4.1.6
/usr/lib/x86_64-linux-gnu/libgif.so.4.1.6
/lib/x86_64-linux-gnu/libpng12.so.0.51.0
/lib/x86_64-linux-gnu/libpng12.so.0.51.0
/lib/x86_64-linux-gnu/libpng12.so.0.51.0
/lib/x86_64-linux-gnu/libpng12.so.0.51.0
/usr/lib/x86_64-linux-gnu/libtiff.so.5.2.0
/usr/lib/x86_64-linux-gnu/libtiff.so.5.2.0
/usr/lib/x86_64-linux-gnu/libtiff.so.5.2.0
/usr/lib/x86_64-linux-gnu/libtiff.so.5.2.0
/usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2
/usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2
/usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2
/usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2
/lib/x86_64-linux-gnu/libc-2.19.so
/lib/x86_64-linux-gnu/libc-2.19.so
/lib/x86_64-linux-gnu/libc-2.19.so
/lib/x86_64-linux-gnu/libc-2.19.so
/lib/x86_64-linux-gnu/libpthread-2.19.so
/lib/x86_64-linux-gnu/libpthread-2.19.so
/lib/x86_64-linux-gnu/libpthread-2.19.so
/lib/x86_64-linux-gnu/libpthread-2.19.so
/lib/x86_64-linux-gnu/libgcc_s.so.1
/lib/x86_64-linux-gnu/libgcc_s.so.1
/lib/x86_64-linux-gnu/libgcc_s.so.1
/lib/x86_64-linux-gnu/libgcc_s.so.1
/lib/x86_64-linux-gnu/libm-2.19.so
/lib/x86_64-linux-gnu/libm-2.19.so
/lib/x86_64-linux-gnu/libm-2.19.so
/lib/x86_64-linux-gnu/libm-2.19.so
/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.20
/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.20
/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.20
/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.20
/usr/lib/x86_64-linux-gnu/libfreetype.so.6.11.1
/usr/lib/x86_64-linux-gnu/libfreetype.so.6.11.1
/usr/lib/x86_64-linux-gnu/libfreetype.so.6.11.1
/usr/lib/x86_64-linux-gnu/libfreetype.so.6.11.1
/lib/x86_64-linux-gnu/ld-2.19.so
/lib/x86_64-linux-gnu/ld-2.19.so
/lib/x86_64-linux-gnu/ld-2.19.so
[stack]
[vdso]
[vvar]
[vsyscall]

Test image used for example attached.

Tags: