Bug #739

exiv2 crashes when examining previews

Added by Jim Nelson over 6 years ago. Updated over 6 years ago.

Status: Closed
Start date: 05 Nov 2010
Priority: Normal
Due date:
Assignee: Andreas Huggel
% Done: 100%
Category: exif
Target version: 0.21

Description

A user has supplied me with a photo that causes Exiv2's preview manager to crash at initialization. The stack trace is attached. The segfault happens here:

#0 0x00277314 in Exiv2::DataValue::toLong (this=0x8088a50, n=0)
at value.cpp:246

It's easily reproducible using this command:

$ exiv2 -pp <filename>

The user has asked I not share the photo publicly. I can make it available to any developer who's going to work through this problem. Just email me at .

This bug is a big problem for Shotwell and gexiv2, as the preview manager is initialized whenever an image is loaded.

exiv2.dump (3.23 KB) Jim Nelson, 05 Nov 2010 12:41

bug739.patch - Changes checked in with r2375 (4.03 KB) Andreas Huggel, 06 Nov 2010 08:01

Associated revisions

Revision 2375
Added by Andreas Huggel over 6 years ago

#739: Protect access to toLong() in preview.cpp.

History

#1 Updated by Jim Nelson over 6 years ago

Our ticket for this problem is here: http://trac.yorba.org/ticket/2739

#2 Updated by Andreas Huggel over 6 years ago

Indeed, there are several unprotected toLong() calls in this area. The same problem we discussed some time ago, only this time in the library itself.

Can you please try if r2375 solves the problem? If it helps, you can apply the attached patch to a recent version of exiv2, which will let you compile a binary compatible library.

#3 Updated by Jim Nelson over 6 years ago

That works!

Any idea when 0.21 will be released?

#4 Updated by Andreas Huggel over 6 years ago

  • Category set to exif
  • Status changed from New to Resolved
  • Assignee set to Andreas Huggel
  • Target version set to 0.21
  • % Done changed from 0 to 100

Thanks for the feedback. I plan to release 0.21 this month.

#5 Updated by Andreas Huggel over 6 years ago

  • Status changed from Resolved to Closed
