Your message dated Fri, 15 Dec 2006 14:02:02 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#403085: fixed in file 4.17-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libmagic1
Version: 4.17-4
Severity: critical

My library/program using libmagic crashes when using a custom magic
file with any combination of magic_{check,compile,load}. A simple
test program can reproduce this behaviour. The error handling for
magic_open is omitted but this doesn't change the result. The malloc/
random/free stuff is necessary to get some garbage into memory.
That's why file(1) doesn't crash I think. Compile it with:
$ gcc -o testmagic testmagic.c -lmagic

---------------------------------------------------------------------

#include <stdio.h>
#include <stdlib.h>
#include <magic.h>

int main(int argc, char *argv[])
{
    magic_t magic;
    char *buffer;
    int i;

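    /* Dirty a heap chunk and release it, so that later allocations
     * reuse memory that is not zero-filled. */
    buffer = malloc(4096);
    for(i = 0; i < 4096; i ++)
        buffer[i] = random() & 0xFF;
    free(buffer);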

    if(argc < 2)
    {
        fprintf(stderr, "usage: %s <magicfile>\n", argv[0]);
        return EXIT_FAILURE; /* argv[1] is NULL here; do not pass it on */
    }

    magic = magic_open(MAGIC_CHECK | MAGIC_SYMLINK);

    if(magic_compile(magic, argv[1]) != 0)
    {
        fprintf(stderr, "%s: failed to compile %s: %s (%d)\n",
            argv[0], argv[1],
            magic_error(magic),
            magic_errno(magic));
        magic_close(magic);
        return EXIT_FAILURE;
    }
    magic_close(magic);
    return EXIT_SUCCESS;
}

---------------------------------------------------------------------

Backtrace:

(gdb) run /opt/mad/lib/libg3d/libg3d.magic
Starting program: .../testmagic /opt/mad/lib/libg3d/libg3d.magic

Program received signal SIGSEGV, Segmentation fault.
0xb7e4f77d in memset () from /lib/tls/libc.so.6
(gdb) bt
#0  0xb7e4f77d in memset () from /lib/tls/libc.so.6
#1  0xb7f17d76 in file_showstr () from /usr/lib/libmagic.so.1
#2  0xb7f1989a in file_apprentice () from /usr/lib/libmagic.so.1
#3  0xb7f17302 in magic_compile () from /usr/lib/libmagic.so.1
#4  0x080486f1 in main ()

---------------------------------------------------------------------

strace:
...
open("/opt/mad/lib/libg3d/libg3d.magic", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=1662, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f47000
read(3, "# $Id$\n\n# 3D Studio\n0           "..., 4096) = 1662
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++

---------------------------------------------------------------------

The bug may be related to
https://launchpad.net/distros/ubuntu/+source/file/+bug/38015
as I get a similar backtrace for magic_check()

I did not really look at the source code yet, but it looks like an
uninitialized or not allocated buffer/variable.

My System: Debian Etch (up-to-date) on AMD K7 as well as Intel PIII.

Markus

-- 
A CRAY is the only computer that runs an endless loop in just 4 hours...


--- End Message ---
--- Begin Message ---
Source: file
Source-Version: 4.17-5

We believe that the bug you reported is fixed in the latest version of
file, which is due to be installed in the Debian FTP archive:

file_4.17-5.diff.gz
  to pool/main/f/file/file_4.17-5.diff.gz
file_4.17-5.dsc
  to pool/main/f/file/file_4.17-5.dsc
file_4.17-5_i386.deb
  to pool/main/f/file/file_4.17-5_i386.deb
libmagic-dev_4.17-5_i386.deb
  to pool/main/f/file/libmagic-dev_4.17-5_i386.deb
libmagic1_4.17-5_i386.deb
  to pool/main/f/file/libmagic1_4.17-5_i386.deb
python-magic_4.17-5_i386.deb
  to pool/main/f/file/python-magic_4.17-5_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Piefel <[EMAIL PROTECTED]> (supplier of updated file package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 15 Dec 2006 13:36:12 +0100
Source: file
Binary: libmagic1 file libmagic-dev python-magic
Architecture: source i386
Version: 4.17-5
Distribution: unstable
Urgency: high
Maintainer: Michael Piefel <[EMAIL PROTECTED]>
Changed-By: Michael Piefel <[EMAIL PROTECTED]>
Description: 
 file       - Determines file type using "magic" numbers
 libmagic-dev - File type determination library (development)
 libmagic1  - File type determination library using "magic" numbers
 python-magic - Python binding for the magic library
Closes: 403085
Changes: 
 file (4.17-5) unstable; urgency=high
 .
   * Initialize some previously uninitialized memory, this could lead to a
     segmentation fault when using magic_compile in libmagic (closes: #403085)
Files: 
 2fd284c6450f44d279dab26ac47a545c 683 utils standard file_4.17-5.dsc
 fa57ebfc237d486566ead9b7723797ec 23132 utils standard file_4.17-5.diff.gz
 988c2e6f12fbd3dcd5960dcb19e8ce05 31506 utils standard file_4.17-5_i386.deb
 cde0f61d74c348481e6a8d3ee05ebdc2 274930 libs standard libmagic1_4.17-5_i386.deb
 e396a366f3d75e3cf642aa4c01b335df 53716 libdevel optional libmagic-dev_4.17-5_i386.deb
 9b0d56b6fe3395404ca55d527f35790e 22706 python extra python-magic_4.17-5_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFgqjA5GwONXmN2VwRAjpOAKCmddOE3M8cT1IDQ8ZJD0AUJCSW1QCgisRw
Y+hFSJzTgVukTs+A+0jYVms=
=BTpd
-----END PGP SIGNATURE-----


--- End Message ---
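
The reporter's malloc/random/free preamble and the changelog's "initialize some previously uninitialized memory" describe the same effect: a recycled heap chunk keeps its old bytes, so a field nobody sets holds garbage. The following is an added example, not code from the bug report or from the file package; it makes that effect deterministic with a poisoning allocator, and `struct entry`, `poison_alloc`, `entry_new` and `entry_len_ok` are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define POISON 0xA5            /* constructed fill byte standing in for heap garbage */

/* Hypothetical record; not a libmagic structure. */
struct entry {
    size_t len;                /* number of valid bytes in text */
    char   text[32];
};

/* Allocate and fill with POISON, so a field the caller forgets to set
 * holds a deterministic, obviously bogus value instead of a lucky zero. */
static void *poison_alloc(size_t n)
{
    void *p = malloc(n);
    if (p != NULL)
        memset(p, POISON, n);
    return p;
}

/* Build an entry. With init == 0, len is never written when s is empty
 * (the modelled defect); with init != 0 the struct is zeroed first. */
struct entry *entry_new(const char *s, int init)
{
    struct entry *e = poison_alloc(sizeof *e);
    if (e != NULL && init)
        memset(e, 0, sizeof *e);
    if (e != NULL && s[0] != '\0') {
        e->len = strlen(s) < sizeof e->text ? strlen(s) : sizeof e->text - 1;
        memcpy(e->text, s, e->len);
    }
    return e;
}

/* Consumer-side check: 1 if len can be trusted as a bound for text. */
int entry_len_ok(const struct entry *e)
{
    return e->len < sizeof e->text;
}

int main(void)
{
    struct entry *bad = entry_new("", 0), *good = entry_new("", 1);
    if (bad && good)
        printf("no init: len=%zu ok=%d\ninit:    len=%zu ok=%d\n",
               bad->len, entry_len_ok(bad), good->len, entry_len_ok(good));
    free(bad);
    free(good);
    return 0;
}
```

Without the poison fill, the uninitialized case often reads zero from a fresh heap page and passes unnoticed, which matches the reporter's guess about why file(1) itself did not crash.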
