Vulnerability Development mailing list archives
Re: Segfault in seejpeg 1.10
From: "Giuseppe Dani" <giuseppe.dani () tin it>
Date: Sun, 11 Nov 2001 01:41:24 +0100
I can confirm your doubt, I can reproduce it on my machine with 2.4 kernel. root@TRiNiTy:/tmp# touch fuj root@TRiNiTy:/tmp# touch ble root@TRiNiTy:/tmp# touch chakiery_z_polzki root@TRiNiTy:/tmp# seejpeg * Segmentation fault Here is my system: root@TRiNiTy:/tmp# uname -a Linux TRiNiTy 2.4.12 #7 SMP Thu Nov 1 18:16:41 CET 2001 i586 unknown root@TRiNiTy:/tmp# cat /etc/slackware-version 8.0.0 (åtta) Bye. Giuseppe. ----- Original Message ----- From: "Patryk Chmielewski" <argv () jaskinia eu org> To: <vuln-dev () securityfocus com> Sent: Saturday, November 10, 2001 9:35 PM Subject: Segfault in seejpeg 1.10
I found bug in seejpeg 1.10 but i think it's not expolitable. Let's see: (my seejpeg don't have suid and i'm showing this bug running seejpeg at
root)
My temporary dir is empty: root@jaskinia:/tmp$ ls root@jaskinia:/tmp$ Next we must create some empty files: root@jaskinia:/tmp$ touch fuj root@jaskinia:/tmp$ touch ble root@jaskinia:/tmp$ touch chakiery_z_polzki root@jaskinia:/tmp$ And main part: root@jaskinia:/tmp# seejpeg * [many '\n' :)] Empty input file svgalib: Signal 11: Segmentation fault received. Segmentation fault (core dumped) root@jaskinia:/tmp# My OS: argv@jaskinia:~$ uname -a Linux jaskinia 2.2.20 #1 Sat Nov 3 22:18:56 CET 2001 i686 unknown argv@jaskinia:~$ argv@jaskinia:~$ cat /etc/slackware-version 8.0.0 (åtta) argv@jaskinia:~$ What do you think about this? Can you reproduce this on your machines? -- -=[ Patryk Chmielewski -> :: <- argv () jaskinia eu org ]=- -=[ ****** http://argv.jaskinia.eu.org ****** ]=- -=[ "If you lie to the compiler, it will get its revenge." ]=-
Current thread:
- Segfault in seejpeg 1.10 Patryk Chmielewski (Nov 10)
- Re: Segfault in seejpeg 1.10 Giuseppe Dani (Nov 10)
- Re: Segfault in seejpeg 1.10 TripleDES (Nov 10)