Segmentation fault while converting an empty svg

Bug #1760355 reported by shyamkumar
This bug affects 1 person
Affects: librsvg (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned

Bug Description

gdb -q --args rsvg crashed2.svg test.png
Reading symbols from rsvg...(no debugging symbols found)...done.
(gdb) run
Starting program: /usr/bin/rsvg crashed2.svg test.png
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

(rsvg:14399): librsvg-CRITICAL **: rsvg_handle_set_size_callback: assertion 'handle != NULL' failed

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7bc55b0 in rsvg_handle_get_dimensions () from /usr/lib/x86_64-linux-gnu/librsvg-2.so.2
(gdb) backtrace
#0 0x00007ffff7bc55b0 in rsvg_handle_get_dimensions () at /usr/lib/x86_64-linux-gnu/librsvg-2.so.2
#1 0x00000000004025d3 in ()
#2 0x00007ffff66d0830 in __libc_start_main (main=
    0x401960, argc=3, argv=0x7fffffffe568, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe558) at ../csu/libc-start.c:291
#3 0x0000000000402989 in ()

Leonidas S. Barbosa (leosilvab) wrote :

Hi Shyamkumar,

Thanks for taking the time to report this bug and helping to make Ubuntu better.
Could you please provide more info about this, e.g. the release where you found this issue or the version of the package you are using?

Thanks!

shyamkumar (0xshyam) wrote :

The version of rsvg I am using is 2.40.13.

$ rsvg --version
rsvg-convert version 2.40.13

Marc Deslauriers (mdeslaur) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better.

Please report this issue to the upstream librsvg developers by filing a bug at https://gitlab.gnome.org/GNOME/librsvg/issues

Once the librsvg team has evaluated the issue, and a proper fix is available, we will release a security update for Ubuntu.

Steve Beattie (sbeattie) wrote :

It looks like this was reported in https://gitlab.gnome.org/GNOME/librsvg/issues/247, which upstream claims was fixed in 2.40.19. Possibly this is commit https://gitlab.gnome.org/GNOME/librsvg/commit/05fd03117bffbae36b28b5ea7934520b46751476 .

information type: Private Security → Public Security
Changed in librsvg (Ubuntu):
status: New → Confirmed