Bug#707722: texlive-binaries: dvips segfaults on invalid input file

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#707722: texlive-binaries: dvips segfaults on invalid input file
From: Heinrich Moser <heinzi+debian@heinzi.at>
Date: Fri, 10 May 2013 18:57:03 +0200
Message-id: <[🔎] 20130510165703.23808.35352.reportbug@localhost>
Reply-to: Heinrich Moser <heinzi+debian@heinzi.at>, 707722@bugs.debian.org

Package: texlive-binaries
Version: 2009-8
Severity: minor

A malformed dvi file can make dvips segfault. This is not a big
problem, since latex usually does not produce malformed dvis, but
well-behaved programs should not segfault on invalid input.

The malformed dvi file (attached) was constructed by a fuzzer, by
taking a valid "Hello World"-dvi and flipping arbitrary bits.

How to reproduce: dvips crash-1.dvi

Expected output: Some kind of error message.

Actual output:

This is dvips(k) 5.98 Copyright 2009 Radical Eye Software (www.radicaleye.com)
' TeX output 2013.05.08:1726' -> crash-1.ps
Segmentation fault


-- System Information:
Debian Release: 6.0.7
  APT prefers oldstable
  APT policy: (500, 'oldstable'), (500, 'stable')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-5-vserver-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages texlive-binaries depends on:
ii  ed                   1.4-3               The classic UNIX line editor
ii  libc6                2.11.3-4            Embedded GNU C Library: Shared lib
ii  libfontconfig1       2.8.0-2.1           generic font configuration library
ii  libfreetype6         2.4.2-2.1+squeeze4  FreeType 2 font engine, shared lib
ii  libgcc1              1:4.4.5-8           GCC support library
ii  libkpathsea5         2009-8              TeX Live: path search library for 
ii  libncurses5          5.7+20100313-5      shared libraries for terminal hand
ii  libpng12-0           1.2.44-1+squeeze4   PNG library - runtime
ii  libpoppler5          0.12.4-1.2+squeeze1 PDF rendering library
ii  libstdc++6           4.4.5-8             The GNU Standard C++ Library v3
ii  libx11-6             2:1.3.3-4           X11 client-side library
ii  libxaw7              2:1.0.7-1           X11 Athena Widget library
ii  libxmu6              2:1.0.5-2           X11 miscellaneous utility library
ii  libxpm4              1:3.5.8-1           X11 pixmap library
ii  libxt6               1:1.0.7-1           X11 toolkit intrinsics library
ii  perl                 5.10.1-17squeeze6   Larry Wall's Practical Extraction 
ii  tex-common           2.08.1              common infrastructure for building
ii  texlive-common       2009-11+squeeze1    TeX Live: Base component
ii  zlib1g               1:1.2.3.4.dfsg-3    compression library - runtime

texlive-binaries recommends no packages.

texlive-binaries suggests no packages.

-- no debconf information

Attachment: crash-1.dvi
Description: TeX dvi file

Reply to:

Follow-Ups:
- Bug#707722: marked as done (texlive-binaries: dvips segfaults on invalid input file)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: Re: Bug#707663: texlive-binaries: warning messages with hyperref
Next by Date: Bug#707722: marked as done (texlive-binaries: dvips segfaults on invalid input file)
Previous by thread: Processed: Re: Bug#707663: texlive-binaries: warning messages with hyperref
Next by thread: Bug#707722: marked as done (texlive-binaries: dvips segfaults on invalid input file)
Index(es):
- Date
- Thread