segmentation fault stegdetect 0.6

Bug #245063 reported by Thomas Roten
Affects              Status        Importance  Assigned to  Milestone
stegdetect (Debian)  Fix Released  Unknown
stegdetect (Ubuntu)  Fix Released  Undecided   JC Hulce

Bug Description

Binary package hint: stegdetect

Segmentation fault error message when attempting to use the "stegbreak" command, a part of the stegdetect package.

$ stegbreak FILENAME.jpg
Segmentation Fault

Attempted solution: Compile from source. I could not get the source code for versions 0.5 or 0.6 to compile in order to see if compiling from source would fix the problem.

Also a bug report on Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345230

Information from /var/log/messages:
Jul 2 22:05:46 unendlich kernel: [ 9841.053080] stegbreak[3218]: segfault at 0000d6d8 eip 0804a53d esp bf812c60 error 4
Jul 2 22:05:59 unendlich kernel: [ 9845.424022] stegbreak[3232] general protection eip:806461f esp:bffefc5c error:0

Ubuntu release: Ubuntu 8.04 - Hardy Heron

stegdetect:
  Installed: 0.6-4build1
  Candidate: 0.6-4build1
  Version table:
 *** 0.6-4build1 0
        500 http://us.archive.ubuntu.com hardy/universe Packages
        100 /var/lib/dpkg/status

To reproduce problem:

sudo apt-get install stegdetect

Then we need to fix bug #55363 in order to reproduce the problem.
So, download the 0.5 source code archive from here: http://www.outguess.org/download.php
Move the rules.ini file from the archive to /usr/share/stegbreak/rules.ini

stegbreak FILENAME.jpg

You should get the message "Segmentation fault".

Workaround using WINE:

First, make sure wine is installed.

Head to http://www.outguess.org/download.php and download the "Stegdetect 0.4 - Windows Binary." Unzip it, then cd to the directory:

Code:
cd stegdetect

Then, we need to put the files in the correct locations:

Code:
sudo mkdir /usr/local/share/stegbreak
sudo cp rules.ini /usr/local/share/stegbreak/
cp * ~/.wine/drive_c/windows/system32/

Then, run this to use the program:

Code:
wine stegbreak.exe ARGUMENTS

(Workaround from Ubuntu Forums: http://ubuntuforums.org/showthread.php?t=224443 )

Changed in stegdetect:
status: New → Confirmed
status: Confirmed → New
Thomas Roten (tsroten) wrote :

Here is the Valgrind log since the program crashes with a Segmentation fault.

Olivier Bilodeau (plaxx) wrote :

I have this problem too.

Apparently this has been fixed in the latest Debian package (from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345230).

How does the syncing with Debian work? Would I be able to test this Debian package and confirm that it works? I'm using Ubuntu Gutsy 7.10.

If this really fixes it, it would be great to have the fix included in time for Intrepid.

Changed in stegdetect:
status: Unknown → Fix Released
Mike (pf-launchpad) wrote :

[Note: the following was done on a Debian system, using Debian's stegbreak 0.6-6 package, compiled from source]

The segfault issue appears to be with characters > 127 in the default wordlist:

(gdb) set args ./penguin.jpg
(gdb) run
Starting program: /usr/src/stegdetect-0.6/stegbreak ./penguin.jpg
Loaded 1 files...

Program received signal SIGSEGV, Segmentation fault.
0x000000000040787b in rules_apply (word=0x7fff66112250 "Asunción",
    rule=0x7fff661117d0 "lQ", split=-1) at rules.c:416
416 CLASS(0, REJECT, {})
(gdb) bt
#0 0x000000000040787b in rules_apply (word=0x7fff66112250 "Asunción",
    rule=0x7fff661117d0 "lQ", split=-1) at rules.c:416
#1 0x0000000000403790 in do_wordlist_crack (
    name=0x419c8e "/usr/share/dict/words") at stegbreak.c:202
#2 0x0000000000403ef5 in main (argc=<value optimized out>,
    argv=0x7fff661138f0) at stegbreak.c:592

Easy fix is to create a wordlist for stegbreak, excluding words containing the problem characters:

$ perl -pe 'BEGIN { @bad = (128..255); map { $_ = chr $_ } @bad; }; undef $_ if /[@bad]/' /usr/share/dict/words > stegbreak.wordlist
$ stegbreak -f stegbreak.wordlist penguin.jpg
Loaded 1 files...
penguin.jpg : negative
Processed 1 files, found 0 embeddings.
Time: 349 seconds: Cracks: 3706296, 10619.8 c/s
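
An added example, not part of the comment above and not code from the stegdetect project: the same wordlist clean-up done on raw bytes, so it behaves the same whether the dictionary is UTF-8 or Latin-1, and it reports which entries were dropped and where the first byte above 127 sits. The names `split_wordlist`, `filter_file` and `SAMPLE` are hypothetical, and the sample entries are constructed.

```python
"""Byte-level wordlist filter for the 'characters > 127' workaround."""


def split_wordlist(lines):
    """Split an iterable of raw byte lines into (clean, rejected).

    clean    -- lines made only of bytes 0..127, unchanged
    rejected -- (line_number, line, offset_of_first_byte_above_127)
    """
    clean, rejected = [], []
    for number, line in enumerate(lines, start=1):
        offset = next((i for i, b in enumerate(line) if b > 127), None)
        if offset is None:
            clean.append(line)
        else:
            rejected.append((number, line, offset))
    return clean, rejected


def filter_file(src, dst):
    """Copy src to dst without the rejected lines; return the rejected list."""
    with open(src, "rb") as fin:          # binary mode: no decoding errors
        clean, rejected = split_wordlist(fin)
    with open(dst, "wb") as fout:
        fout.writelines(clean)
    return rejected


# Constructed sample: the word from the backtrace in both common encodings,
# surrounded by plain ASCII entries (one of them containing a space).
SAMPLE = [
    b"Ascot\n",
    "Asunción\n".encode("utf-8"),     # 0xC3 0xB3 at offset 6
    "Asunción\n".encode("latin-1"),   # 0xF3 at offset 6
    b"New York\n",
    b"zebra\n",
]

if __name__ == "__main__":
    kept, dropped = split_wordlist(SAMPLE)
    print("kept %d entries, dropped %d" % (len(kept), len(dropped)))
    for number, line, offset in dropped:
        print("line %d: byte 0x%02x at offset %d" % (number, line[offset], offset))
```

The file written by `filter_file` can be passed to `stegbreak -f` in place of `stegbreak.wordlist` from the comment above.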

Olivier Bilodeau (plaxx) wrote :

The workaround doesn't work for stegdetect-0.6-4. I am using Ubuntu Gutsy (7.10).

Even after a cleanup of the ASCII chars > 127 using your fix, I still get a segfault.

Willem Toorop (willem-toorop) wrote :

I noticed that stegbreak doesn't segfault anymore when the -O2 flag is removed from CCFLAGS! At least on an x86 platform. On a PPC it still seems to segfault.

JC Hulce (soaringsky) wrote :

The fixed version from Debian appears to have been synced in a long time ago, so I am closing this bug.

Changed in stegdetect (Ubuntu):
assignee: nobody → JC Hulce (soaringsky)
status: New → Fix Released