dmg2img crashed with SIGSEGV in convert_char8()
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
dmg2img (Ubuntu) | Fix Released | Medium | Unassigned |
Bug Description
Binary package hint: dmg2img
This occurs on Lucid i386 when trying to convert a .dmg CD image.
Because of bug #546108 "No symbols in dbgsym package" I had to rebuild the package locally, adding "-g" to CFLAGS and removing the "-s" from the link in Makefile.
This report therefore contains a complete stack-trace which isn't possible using the Ubuntu -dbgsym package.
ProblemType: Crash
Architecture: i386
Date: Wed Mar 24 16:23:15 2010
DistroRelease: Ubuntu 10.04
ExecutablePath: /usr/bin/dmg2img
Package: dmg2img 1.6.1-1 [modified: usr/bin/dmg2img usr/bin/vfdecrypt]
ProcCmdline: dmg2img -d Mac\ OS\ X\ Install\ Disc\ 1.dmg MacOSX10.
ProcEnviron:
SHELL=/bin/bash
LANG=en_GB.utf8
ProcVersionSign
SegvAnalysis:
Segfault happened at: 0x8048d5a <convert_char8+10>: movzbl 0x4(%ecx),%ebx
PC (0x08048d5a) ok
source "0x4(%ecx)" (0x0000001c) not located in a known VMA region (needed readable region)!
destination "%ebx" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: dmg2img
StacktraceTop:
convert_char8 (c=0x18 <Address 0x18 out of bounds>)
main (argc=4, argv=0xbfbf5a54) at dmg2img.c:560
Title: dmg2img crashed with SIGSEGV in convert_char8()
Uname: Linux 2.6.32-17-generic i686
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
Changed in dmg2img (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
The problem is in dmg2img.c, around line 560:
if (convert_char8((unsigned char *)parts[1].Data + 24) != 0)
Looking at the backtrace, gdb shows that 0x18 is passed to convert_char8():
#0 0x08048d5a in convert_char8 (c=0x18 <Address 0x18 out of bounds>) at dmg2img.h:80
0x18 == 24 decimal, the value added to parts[1].Data.
Therefore I surmise the pointer in parts[1].Data is unexpectedly 0, and isn't checked for.
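An added example (not dmg2img's own code) that models the failure described in the comment above and the check it implies: a hypothetical part_t with a Data pointer, a stand-in convert_char8(), and a guarded read that refuses a NULL or too-short block instead of dereferencing 0x18. The struct, its fields, the sample block and the helper names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for one entry of dmg2img's parts[] array (not the
 * project's own definition): Data is the decoded block, or NULL if absent. */
typedef struct { unsigned char *Data; size_t Len; } part_t;

/* Stand-in for convert_char8(): the 8 bytes at c as a big-endian integer.
 * Like the faulting function it trusts c, so a NULL-derived pointer faults. */
static uint64_t convert_char8(const unsigned char *c) {
    uint64_t v = 0;
    for (int i = 0; i < 8; i++)
        v = (v << 8) | c[i];
    return v;
}

/* The argument the crashing line passes, computed as an integer so it can be
 * inspected without a dereference: with Data == NULL it is 0 + 24 == 0x18,
 * exactly the value gdb printed for c. */
static uintptr_t unchecked_argument(const part_t *p) {
    return (uintptr_t)p->Data + 24;
}

/* Guarded form of the check near dmg2img.c:560: call convert_char8() only
 * when the block exists and bytes 24..31 lie inside it.
 * Returns 0 and sets *out on success, -1 when the part is unusable. */
static int read_field_at_24(const part_t *p, uint64_t *out) {
    if (p->Data == NULL || p->Len < 24 + 8)
        return -1;
    *out = convert_char8(p->Data + 24);
    return 0;
}

/* Constructed sample: a 32-byte block whose field at offset 24 holds 42. */
static unsigned char sample_block[32] = { [31] = 42 };

int main(void) {
    part_t missing = { NULL, 0 }, present = { sample_block, sizeof sample_block };
    uint64_t v = 0;
    printf("NULL Data: argument=0x%lx guarded rc=%d\n",
           (unsigned long)unchecked_argument(&missing), read_field_at_24(&missing, &v));
    int rc = read_field_at_24(&present, &v);
    printf("present Data: guarded rc=%d value=%llu\n", rc, (unsigned long long)v);
    return 0;
}
```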