vlc crashed with SIGSEGV in QProgressBar::maximum()

Bug #947156 reported by Benjamin on 2012-03-05
This bug affects 1 person
Affects: VLC media player | Status: Fix Released | Assigned to: Rémi Denis-Courmont
Affects: vlc (Ubuntu)

Bug Description

While I was indexing a video file

ProblemType: Crash
DistroRelease: Ubuntu 12.04
Package: vlc-nox 2.0.0-4
ProcVersionSignature: Ubuntu 3.2.0-17.27-generic 3.2.6
Uname: Linux 3.2.0-17-generic i686
ApportVersion: 1.94-0ubuntu1
Architecture: i386
Date: Mon Mar 5 15:16:36 2012
EcryptfsInUse: Yes
ExecutablePath: /usr/bin/vlc
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Alpha i386 (20111129.1)
ProcCmdline: /usr/bin/vlc video.avi
 Segfault happened at: 0x23352f7 <_ZNK12QProgressBar7maximumEv+7>: mov 0x12c(%eax),%eax
 PC (0x023352f7) ok
 source "0x12c(%eax)" (0x0000012c) not located in a known VMA region (needed readable region)!
 destination "%eax" ok
 Stack memory exhausted (SP below stack segment)
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: vlc
 QProgressBar::maximum() const () from /usr/lib/i386-linux-gnu/libQtGui.so.4
 QProgressDialog::setValue(int) () from /usr/lib/i386-linux-gnu/libQtGui.so.4
 ?? () from /usr/lib/i386-linux-gnu/libQtGui.so.4
 QMetaCallEvent::placeMetaCall(QObject*) () from /usr/lib/i386-linux-gnu/libQtCore.so.4
 QObject::event(QEvent*) () from /usr/lib/i386-linux-gnu/libQtCore.so.4
Title: vlc crashed with SIGSEGV in QProgressBar::maximum()
UpgradeStatus: Upgraded to precise on 2012-02-15 (18 days ago)
UserGroups: adm cdrom dip lpadmin mythtv plugdev sambashare sudo

Benjamin (nailartcenter) wrote :

 QProgressBar::maximum (this=0xb582c4f0) at widgets/qprogressbar.cpp:298
 QProgressDialog::setValue (this=0xb5830b98, progress=999) at dialogs/qprogressdialog.cpp:718
 qt_static_metacall (_a=0xb66bbe30, _id=6, _o=0xb5830b98, _c=<optimized out>) at .moc/release-shared/moc_qprogressdialog.cpp:87
 QProgressDialog::qt_static_metacall (_o=0xb5830b98, _c=QMetaObject::InvokeMetaMethod, _id=6, _a=0xb66bbe30) at .moc/release-shared/moc_qprogressdialog.cpp:75
 ?? ()

Changed in vlc (Ubuntu):
importance: Undecided → Medium
tags: removed: need-i386-retrace
Benjamin Drung (bdrung) on 2012-05-23
description: updated
visibility: private → public
Rémi Denis-Courmont (rdenis) wrote :

Should be fixed in VLC 2.0.4. Hard to say for sure without further details.

Changed in vlc (Ubuntu):
status: New → Fix Committed
Changed in vlc:
milestone: none → 2.0.4
assignee: nobody → Rémi Denis-Courmont (rdenis)
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 2.0.4-0ubuntu1

vlc (2.0.4-0ubuntu1) quantal; urgency=low

  * New upstream release (LP: #1067064).
    - Fix crashes (LP: #947156, #958462, #960020, #979490, #1033682)
    - Correct default encoding for Hebrew subtitles (LP: #1051552)
  * Drop backported bp-fix-hang-caused-by-notify.patch.
  * Build the sftp access and Opus codec plugin and add them to vlc-nox.
 -- Benjamin Drung <email address hidden> Mon, 15 Oct 2012 22:28:55 +0200

Changed in vlc (Ubuntu):
status: Fix Committed → Fix Released

Hello Benjamin, or anyone else affected,

Accepted vlc into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/vlc/2.0.4-0ubuntu0.12.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us in getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in vlc (Ubuntu Precise):
status: New → Fix Committed
tags: added: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 2.0.5-0ubuntu0.12.04.1

vlc (2.0.5-0ubuntu0.12.04.1) precise-security; urgency=low

  * New bug-fixing upstream release.
    - Fix hang caused by the notify plugin. (Closes: #662628, LP: #970447)
    - Fix crashes (LP: #947156, #958462, #960020, #979490, #1033682)
    - Correct default encoding for Hebrew subtitles (LP: #1051552)
  * SECURITY UPDATE: denial of service via crafted PNG file (LP: #1084054)
    - CVE-2012-5470
  * SECURITY UPDATE: Buffer overflows in freetype renderer and HTML subtitle
    parser can cause a denial of service (process termination) and possibly
    execute arbitrary code.
    - VideoLAN-SA-1301
 -- Benjamin Drung <email address hidden> Sat, 05 Jan 2013 14:47:33 +0100

Changed in vlc (Ubuntu Precise):
status: Fix Committed → Fix Released