Bug#345230: stegdetect: segfault in stegbreak
[Note: the following was done on a Debian system, using Debian's
stegbreak 0.6-6 package, compiled from source]
The segfault issue appears to be with characters > 127 in the default
wordlist:
(gdb) set args ./penguin.jpg
(gdb) run
Starting program: /usr/src/stegdetect-0.6/stegbreak ./penguin.jpg
Loaded 1 files...
Program received signal SIGSEGV, Segmentation fault.
0x000000000040787b in rules_apply (word=0x7fff66112250 "Asunción",
rule=0x7fff661117d0 "lQ", split=-1) at rules.c:416
416 CLASS(0, REJECT, {})
(gdb) bt
#0 0x000000000040787b in rules_apply (word=0x7fff66112250 "Asunción",
rule=0x7fff661117d0 "lQ", split=-1) at rules.c:416
#1 0x0000000000403790 in do_wordlist_crack (
name=0x419c8e "/usr/share/dict/words") at stegbreak.c:202
#2 0x0000000000403ef5 in main (argc=<value optimized out>,
argv=0x7fff661138f0) at stegbreak.c:592
Easy fix is to create a wordlist for stegbreak, excluding words
containing the problem characters:
$ perl -pe 'BEGIN { @bad = (128..255); map { $_ = chr $_ } @bad; };
undef $_ if /[@bad]/' /usr/share/dict/words > stegbreak.wordlist
$ stegbreak -f stegbreak.wordlist penguin.jpg
Loaded 1 files...
penguin.jpg : negative
Processed 1 files, found 0 embeddings.
Time: 349 seconds: Cracks: 3706296, 10619.8 c/s
Reply to: