Package: jhead
Version: 1:3.04-3
Severity: normal
X-Debbugs-Cc: borzacchie...@diag.uniroma1.it

Dear Maintainer,

running jhead with the attached file leads to an invalid read in Get16u.

command line:
jhead ./00_invalid_read_get16u

valgrind output:
[...]
==6799== Invalid read of size 2
==6799==    at 0x111528: Get16u (exif.c:323)
==6799==    by 0x111528: process_EXIF (exif.c:1022)
==6799==    by 0x10E882: ReadJpegSections (jpgfile.c:287)
==6799==    by 0x10E882: ReadJpegSections (jpgfile.c:119)
==6799==    by 0x10EA12: ReadJpegFile (jpgfile.c:379)
==6799==    by 0x10CAF7: ProcessFile (jhead.c:905)
==6799==    by 0x10B70B: main (jhead.c:1756)
==6799==  Address 0x4b588aa is 0 bytes after a block of size 10 alloc'd
==6799==    at 0x483877F: malloc (vg_replace_malloc.c:307)
==6799==    by 0x10E31A: ReadJpegSections (jpgfile.c:173)
==6799==    by 0x10E31A: ReadJpegSections (jpgfile.c:119)
==6799==    by 0x10EA12: ReadJpegFile (jpgfile.c:379)
==6799==    by 0x10CAF7: ProcessFile (jhead.c:905)
==6799==    by 0x10B70B: main (jhead.c:1756)
==6799==
[...]

--
Regards,
Luca Borzacchiello

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.0-42-generic (SMP w/12 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages jhead depends on:
ii  libc6                2.31-3
ii  libjpeg-turbo-progs  1:2.0.5-1.1

jhead recommends no packages.

Versions of packages jhead suggests:
pn  imagemagick  <none>

-- no debconf information
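
Added example, not part of the original report and not jhead's own code: the trace shows a 2-byte read starting exactly at the end of a 10-byte section buffer, and the C code below shows a length-checked 16-bit read that rejects such a truncated Exif section. The buffer layout (the buffer includes the 2 length bytes, so the TIFF magic sits at offset 10), the function names, the error codes and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper: read 16 bits at off only if both bytes lie inside buf. */
static int get16u_checked(const uint8_t *buf, size_t len, size_t off,
                          int big_endian, uint16_t *out)
{
    if (off > len || len - off < 2)
        return -1;                      /* would read past the allocation */
    *out = big_endian ? (uint16_t)((buf[off] << 8) | buf[off + 1])
                      : (uint16_t)((buf[off + 1] << 8) | buf[off]);
    return 0;
}

/* Validate the fixed part of an APP1 Exif section before any IFD parsing.
 * Assumed layout: 0..1 length, 2..7 "Exif\0\0", 8..9 "II"/"MM",
 * 10..11 TIFF magic 0x002A, 12..15 offset of the first IFD.
 * Returns 0 when the header is complete and well formed, negative otherwise. */
int exif_header_check(const uint8_t *sec, size_t len)
{
    uint16_t magic;
    int big_endian;

    if (len < 10) return -1;                            /* no room for byte order */
    if (memcmp(sec + 2, "Exif\0\0", 6) != 0) return -2; /* not an Exif section */
    if (memcmp(sec + 8, "MM", 2) == 0) big_endian = 1;
    else if (memcmp(sec + 8, "II", 2) == 0) big_endian = 0;
    else return -3;                                     /* unknown byte order */
    if (get16u_checked(sec, len, 10, big_endian, &magic) != 0)
        return -4;                                      /* truncated before magic */
    if (magic != 0x002A) return -5;                     /* wrong TIFF magic */
    if (len < 16) return -6;                            /* first IFD offset missing */
    return 0;
}

/* Constructed samples: a 10-byte section that ends right after the byte-order
 * mark (the size valgrind reports), and a complete 16-byte header. */
static const uint8_t truncated_section[10] =
    { 0x00, 0x0A, 'E', 'x', 'i', 'f', 0, 0, 'I', 'I' };
static const uint8_t complete_section[16] =
    { 0x00, 0x10, 'E', 'x', 'i', 'f', 0, 0, 'I', 'I', 0x2A, 0x00, 8, 0, 0, 0 };

int main(void)
{
    /* Exit status 0 when the truncated section is rejected and the full one passes. */
    return (exif_header_check(truncated_section, sizeof truncated_section) == -4 &&
            exif_header_check(complete_section, sizeof complete_section) == 0) ? 0 : 1;
}
```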