http://bugzilla.opensuse.org/show_bug.cgi?id=1093475
http://bugzilla.opensuse.org/show_bug.cgi?id=1093475#c1
--- Comment #1 from Karol Babioch ---
Seems to be an issue in Factory / Leap 15.0 only, since the pR command is not
available in other versions:
valgrind exiv2 -pR CVE-2018-11037
==15693== Memcheck, a memory error detector
==15693== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==15693== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==15693== Command: exiv2 -pR CVE-2018-11037
==15693==
STRUCTURE OF PNG FILE: CVE-2018-11037
address | chunk | length | data | checksum
8 | IHDR | 13 | ...o...Z.... | 0xb672087e
33 | bKGD | 6 | ...... | 0xa0bda793
51 | pHYs | 9 | ...H...H | 0x46c96b3e
72 | IDAT | 20639 | x...y.e.U....p.7.......5.U.... | 0x7b95dac3
20723 | tEXt | 37 | date:create.2012-06-19T16:25:2 | 0x6d339eca
20772 | tEXt | 37 | date:modify.2012-06-19T16:25:2 | 0x1c6e2676
20821 | tEXt | 70 | software.ImageMagick 6.7.3-4 2 | 0x0c7b7a53
==15693== Invalid read of size 1
==15693== at 0x50232A0: Exiv2::PngImage::printStructure(std::ostream&, Exiv2::PrintStructureOption, int) (in /usr/lib64/libexiv2.so.26.0.0)
==15693== by 0x121F4C: Action::Print::printStructure(std::ostream&, Exiv2::PrintStructureOption) (in /usr/bin/exiv2)
==15693== by 0x12963B: Action::Print::run(std::__cxx11::basic_string const&) (in /usr/bin/exiv2)
==15693== by 0x113F0C: main (in /usr/bin/exiv2)
==15693== Address 0x68ecfb7 is 0 bytes after a block of size 71 alloc'd
==15693== at 0x4C2EE1F: operator new[](unsigned long) (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==15693== by 0x5022FF2: Exiv2::PngImage::printStructure(std::ostream&, Exiv2::PrintStructureOption, int) (in /usr/lib64/libexiv2.so.26.0.0)
==15693== by 0x121F4C: Action::Print::printStructure(std::ostream&, Exiv2::PrintStructureOption) (in /usr/bin/exiv2)
==15693== by 0x12963B: Action::Print::run(std::__cxx11::basic_string const&) (in /usr/bin/exiv2)
==15693== by 0x113F0C: main (in /usr/bin/exiv2)
==15693==
==15693==
==15693== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==15693== Access not within mapped region at address 0x6CBE000
==15693== at 0x50232A0: Exiv2::PngImage::printStructure(std::ostream&, Exiv2::PrintStructureOption, int) (in /usr/lib64/libexiv2.so.26.0.0)
==15693== by 0x121F4C: Action::Print::printStructure(std::ostream&, Exiv2::PrintStructureOption) (in /usr/bin/exiv2)
==15693== by 0x12963B: Action::Print::run(std::__cxx11::basic_string const&) (in /usr/bin/exiv2)
==15693== by 0x113F0C: main (in /usr/bin/exiv2)
==15693== If you believe this happened as a result of a stack
==15693== overflow in your program's main thread (unlikely but
==15693== possible), you can try to increase the size of the
==15693== main thread stack using the --main-stacksize= flag.
==15693== The main thread stack size used in this run was 8388608.
==15693==
==15693== HEAP SUMMARY:
==15693== in use at exit: 5,352 bytes in 53 blocks
==15693== total heap usage: 623 allocs, 570 frees, 148,886 bytes allocated
==15693==
==15693== LEAK SUMMARY:
==15693== definitely lost: 8 bytes in 1 blocks
==15693== indirectly lost: 0 bytes in 0 blocks
==15693== possibly lost: 0 bytes in 0 blocks
==15693== still reachable: 5,344 bytes in 52 blocks
==15693== suppressed: 0 bytes in 0 blocks
==15693== Rerun with --leak-check=full to see details of leaked memory
==15693==
==15693== For counts of detected and suppressed errors, rerun with: -v
==15693== ERROR SUMMARY: 4001866 errors from 1 contexts (suppressed: 0 from 0)