squeeze crashed with SIGSEGV in lsq_archive_iter_is_directory()

Bug #426304 reported by Lionel Le Folgoc
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone
Squeeze | Won't Fix | Critical | |
squeeze (Debian) | Fix Released | Unknown | |
squeeze (Ubuntu) | Fix Released | Medium | Unassigned |

Bug Description

Binary package hint: squeeze

Crashed when trying to open the png file inside the zip file downloadable at http://project-gimpbc.deviantart.com/art/GIMP-Arrow-Brushes-48299356

ProblemType: Crash
Architecture: amd64
Date: Tue Sep 8 16:15:45 2009
DistroRelease: Ubuntu 9.10
ExecutablePath: /usr/bin/squeeze
Package: squeeze 0.2.3-5ubuntu1
ProcCmdline: squeeze
ProcEnviron:
 PATH=(custom, user)
 LANG=fr_FR.UTF-8
 SHELL=/usr/bin/zsh
ProcVersionSignature: Ubuntu 2.6.31-9.29-generic
SegvAnalysis:
 Segfault happened at: 0x7f524b46e6c0 <lsq_archive_iter_is_directory>: mov 0x8(%rdi),%rax
 PC (0x7f524b46e6c0) ok
 source "0x8(%rdi)" (0x00000008) not located in a known VMA region (needed readable region)!
 destination "%rax" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: squeeze
StacktraceTop:
 lsq_archive_iter_is_directory ()
 lsq_archive_iter_get_path ()
 lsq_concat_iter_filenames ()
 ?? () from /usr/lib/libsqueeze-0.2.so.0
 ?? () from /usr/lib/libsqueeze-0.2.so.0
Title: squeeze crashed with SIGSEGV in lsq_archive_iter_is_directory()
Uname: Linux 2.6.31-9-generic x86_64
UserGroups: adm admin audio cdrom dialout lpadmin plugdev sambashare video

In , Pavol Rusnak (prusnak) wrote :

Squeeze always crashes when extracting a file from archive.

Steps to reproduce:
1) open any archive
2) pick one file and double-click
3) select open or extract (really does not matter)
4) crash!

stacktrace:
#0 lsq_archive_iter_get_depth (iter=0x1300000000000054) at archive-iter.c:709
#1 0x00007ffff7bd539c in lsq_archive_iter_get_path (iter=0x1300000000000054)
    at archive-iter.c:723
#2 0x00007ffff7bd2c7c in lsq_concat_iter_filenames (file_iters=0x910a40)
    at internals.c:68
#3 0x00007ffff7bdad9b in lsq_command_builder_gnu_tar_build_extract (
    builder=<value optimized out>, archive=0x7ffff7bdbae1, dest_path=0x0,
    file_iters=0x20) at command-builder-gnu-tar.c:413
#4 0x00007ffff7bd7b5c in lsq_command_builder_build_open (builder=0x6565e0,
    archive=0xa43160, files=0x910a40) at command-builder.c:121
#5 0x00007ffff7bd341c in lsq_archive_view (archive=0xa43160,
    files=<value optimized out>) at archive.c:469
#6 0x000000000040c206 in cb_sq_main_window_notebook_file_activated (
    notebook=0x717000, iter=0xba8fe0, data=<value optimized out>)
    at main_window.c:1138
#7 0x00007ffff20e837d in g_closure_invoke () from /usr/lib64/libgobject-2.0.so.0
#8 0x00007ffff20fe07d in ?? () from /usr/lib64/libgobject-2.0.so.0
#9 0x00007ffff20ff738 in g_signal_emit_valist ()
   from /usr/lib64/libgobject-2.0.so.0
#10 0x00007ffff20ffc63 in g_signal_emit () from /usr/lib64/libgobject-2.0.so.0
#11 0x00007ffff20e837d in g_closure_invoke () from /usr/lib64/libgobject-2.0.so.0
#12 0x00007ffff20fe07d in ?? () from /usr/lib64/libgobject-2.0.so.0
#13 0x00007ffff20ff738 in g_signal_emit_valist ()
   from /usr/lib64/libgobject-2.0.so.0
#14 0x00007ffff20ffc63 in g_signal_emit () from /usr/lib64/libgobject-2.0.so.0
#15 0x00007ffff20e837d in g_closure_invoke () from /usr/lib64/libgobject-2.0.so.0
#16 0x00007ffff20fe07d in ?? () from /usr/lib64/libgobject-2.0.so.0
---Type <return> to continue, or q <return> to quit---
#17 0x00007ffff20ff738 in g_signal_emit_valist ()
   from /usr/lib64/libgobject-2.0.so.0
#18 0x00007ffff20ffc63 in g_signal_emit () from /usr/lib64/libgobject-2.0.so.0
#19 0x00007ffff58b6562 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#20 0x00007ffff57c4208 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#21 0x00007ffff20e837d in g_closure_invoke () from /usr/lib64/libgobject-2.0.so.0
#22 0x00007ffff20fdd5b in ?? () from /usr/lib64/libgobject-2.0.so.0
#23 0x00007ffff20ff5af in g_signal_emit_valist ()
   from /usr/lib64/libgobject-2.0.so.0
#24 0x00007ffff20ffc63 in g_signal_emit () from /usr/lib64/libgobject-2.0.so.0
#25 0x00007ffff58c75fe in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#26 0x00007ffff57bcb73 in gtk_propagate_event ()
   from /usr/lib64/libgtk-x11-2.0.so.0
#27 0x00007ffff57bdc93 in gtk_main_do_event () from /usr/lib64/libgtk-x11-2.0.so.0
#28 0x00007ffff523022c in ?? () from /usr/lib64/libgdk-x11-2.0.so.0
#29 0x00007ffff1c4d0db in g_main_context_dispatch ()
   from /usr/lib64/libglib-2.0.so.0
#30 0x00007ffff1c508ad in ?? () from /usr/lib64/libglib-2.0.so.0
#31 0x00007ffff1c50ddd in g_main_loop_run () from /usr/lib64/libglib-2.0.so.0
#32 0x00007ffff57be0a7 in gtk_main () from /usr/lib64/libgtk-x11-2.0.so.0
#33 0x000000000040a25...


Lionel Le Folgoc (mrpouit) wrote :

Apport retracing service (apport) wrote : Stacktrace.txt (retraced)

StacktraceTop:
 lsq_archive_iter_is_directory (iter=0x0) at archive-iter.c:1135
 lsq_archive_iter_get_path (iter=0x0)
 lsq_concat_iter_filenames (file_iters=0x26daa40)
 lsq_command_builder_zip_build_extract (
 lsq_command_builder_build_open (builder=0x24a70c0,
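
An added triage helper, not part of the original report or of apport: it recomputes the base register value from the SegvAnalysis block in the bug description and classifies the `iter` arguments seen in the two backtraces on this page. The 4 KiB NULL-page threshold and the 48-bit canonical-address check are assumptions of this example.

```python
import re

# Lines copied from the apport report and the two backtraces on this page.
SEGV_ANALYSIS = (
    "Segfault happened at: 0x7f524b46e6c0 <lsq_archive_iter_is_directory>: mov 0x8(%rdi),%rax\n"
    'source "0x8(%rdi)" (0x00000008) not located in a known VMA region (needed readable region)!\n'
)
FRAMES = [
    "lsq_archive_iter_is_directory (iter=0x0) at archive-iter.c:1135",
    "#0 lsq_archive_iter_get_depth (iter=0x1300000000000054) at archive-iter.c:709",
]

NULL_PAGE = 0x1000  # assumption: anything below one 4 KiB page is NULL plus a field offset


def classify_pointer(addr):
    """Label a pointer value: 'null', 'non-canonical' or 'plausible'."""
    if addr < NULL_PAGE:
        return "null"
    top = addr >> 47  # assumption: x86-64 with 48-bit virtual addresses
    if top not in (0, 0x1FFFF):
        return "non-canonical"
    return "plausible"


def parse_segv_analysis(text):
    """Recover the faulting function, base register, offset and base value."""
    func = re.search(r"<(\w+)(?:\+\d+)?>:", text)
    src = re.search(r'source "(-?0x[0-9a-fA-F]+)?\((%\w+)\)" \((0x[0-9a-fA-F]+)\)', text)
    if not func or not src:
        raise ValueError("not a base+displacement SegvAnalysis block")
    disp = int(src.group(1) or "0", 16)
    fault = int(src.group(3), 16)
    # Value the register held when the load faulted, wrapped to 64 bits.
    base = (fault - disp) & 0xFFFFFFFFFFFFFFFF
    return {"function": func.group(1), "register": src.group(2),
            "offset": disp, "base": base, "kind": classify_pointer(base)}


def triage_frames(frames):
    """Classify every hex argument that appears in gdb frame lines."""
    out = []
    for line in frames:
        for name, value in re.findall(r"(\w+)=(0x[0-9a-fA-F]+)", line):
            out.append((name, classify_pointer(int(value, 16))))
    return out


if __name__ == "__main__":
    print(parse_segv_analysis(SEGV_ANALYSIS))
    print(triage_frames(FRAMES))
```

The Ubuntu crash is a read at offset 8 from a NULL `iter`, while the upstream backtrace carries an `iter` value that is not a valid x86-64 address at all, so the two reports do not show the same bad pointer value.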

Apport retracing service (apport) wrote : ThreadStacktrace.txt (retraced)
Changed in squeeze (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
visibility: private → public
Changed in squeeze (Ubuntu):
status: New → Triaged
In , Frivoal-m (frivoal-m) wrote :

Reproduced on squeeze 0.2.3 on 64 bit arch linux.

In , Trashavenue (trashavenue) wrote :

Reproduced on Squeeze 0.2.3 on FreeBSD 8.2 STABLE (amd64).

In , Stealth-6 (stealth-6) wrote :

Can not reproduce with Squeeze 0.4.90 (git version)

Lionel Le Folgoc (mrpouit) wrote :

Fixed in Debian in 0.2.3-11, will be fixed in precise when it's autosynced.

Changed in squeeze (Ubuntu):
status: Triaged → Fix Committed
Changed in squeeze (Debian):
status: Unknown → Fix Released
Lionel Le Folgoc (mrpouit) wrote :

This bug was fixed in the package squeeze - 0.2.3-12

---------------
squeeze (0.2.3-12) unstable; urgency=low

  * debian/patches:
    - 03_fix_segfault_on_relative_paths added, thanks to Ibragimov Rinat.
      Correctly handle path with '/' in them. closes: #607483, #608005
  * debian/rules:
    - use dh 9 and dpkg-dev 1.16.1 hardening support
    - run xdt-autogen before configure, fixing the Makefiles to build
      correctly with PIE.
    - use multi arch dirs in various rules
    - drop the squeeze.tap move, not needed anymore.
  * debian/control:
    - update debhelper build-dep for v9 hardening support.
    - add build-dep on dpkg-dev 1.16.1 for hardening support.
    - drop build-dep on hardening-wrapper.
    - add build-dep on xfce4-dev-tools, autoconf, libtool, intltool and
      gtk-doc-tools to be able to regenerate Makefiles.
    - add Pre-Depends: ${misc:Pre-Depends} for multiarch.
  * debian/compat bumped to 9.
  * debian/lintian updated for multiarch paths.

 -- Yves-Alexis Perez <email address hidden> Fri, 18 Nov 2011 15:11:53 +0100

squeeze (0.2.3-11) unstable; urgency=low

  * debian/patches:
    - 02_fix-segfault-open-files added, thanks to Ibragimov Rinat, fix
      segfault when trying to open files in an archive. closes: #475072

 -- Yves-Alexis Perez <email address hidden> Wed, 16 Nov 2011 22:45:39 +0100

Changed in squeeze (Ubuntu):
status: Fix Committed → Fix Released
In , Skunnyk-q (skunnyk-q) wrote :

squeeze is not maintained anymore, closing.

Changed in squeeze:
importance: Unknown → Critical
status: Unknown → Won't Fix