Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 87517 - Repeatable libjpeg crash
Summary: Repeatable libjpeg crash
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: libjpeg
Version: 8.0
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Matthias Clasen
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2003-03-28 03:33 UTC by jonny robertson
Modified: 2007-04-18 16:52 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2004-05-12 21:36:31 UTC

Attachments (Terms of Use)

Description jonny robertson 2003-03-28 03:33:05 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2) Gecko/20021202

Description of problem:
Specific jpg I have can repeatably crash applications that use libjpeg to render
the image (gqview, nautilis etc.).

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. run gqview or nautilis
2. browse to directory where 'bad' jpeg is located (dload from supplied URL)

Actual Results:  Program received signal SIGSEGV, Segmentation fault.
0x405bd5a0 in ycck_cmyk_convert (cinfo=0xc6, input_buf=0x8147870, input_row=1,
output_buf=0xbfffdce4, num_rows=0) at jdcolor.c:278
278           outptr[0] = range_limit[MAXJSAMPLE - (y + Crrtab[cr])];   /* red */

Expected Results:  Should just complain about a corrupt jpeg.

Additional info:

libjpeg seems to handle this image okay on RH 7.3.

Comment 1 Matthias Clasen 2004-05-12 21:36:31 UTC
The URL is dangling. Can't reproduce or fix this without the offending

Comment 2 Mark Henson 2004-05-12 21:43:59 UTC
The URL has been fixed.

Comment 3 jonny robertson 2004-05-12 22:04:39 UTC
I can't reproduce this in FC1 anyway (libjpeg-6b-29).... guess it was
fixed upstream at some point.  Feel free to leave it closed if you want.

Note You need to log in before you can comment on or make changes to this bug.