From owner-freebsd-gnome@FreeBSD.ORG  Tue Feb 21 02:07:40 2006
Return-Path: <owner-freebsd-gnome@FreeBSD.ORG>
X-Original-To: gnome@freebsd.org
Delivered-To: freebsd-gnome@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 364C516A420
	for <gnome@freebsd.org>; Tue, 21 Feb 2006 02:07:40 +0000 (GMT)
	(envelope-from caelian@gmail.com)
Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.203])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 64C0E43D45
	for <gnome@freebsd.org>; Tue, 21 Feb 2006 02:07:39 +0000 (GMT)
	(envelope-from caelian@gmail.com)
Received: by zproxy.gmail.com with SMTP id l8so1120044nzf
	for <gnome@freebsd.org>; Mon, 20 Feb 2006 18:07:38 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:subject:from:to:content-type:date:message-id:mime-version:x-mailer:content-transfer-encoding;
	b=eJCv5NuC1pxQ9qZtf+38pvfG/Eouj3U6waqP7xgQfuKwKsvaxnBTo5AFo7hwkDhomzRzx/jLcXF9dO90xCKU/nsIG9oCJwWUpH2+jwfpwslOabdVnl957YAvsoPNcZ0XBHpeUVWr2So03kENw1Rq6Sx3p88l5+vDPAzEMmH50MU=
Received: by 10.36.224.72 with SMTP id w72mr334750nzg;
	Mon, 20 Feb 2006 18:07:38 -0800 (PST)
Received: from synergy.odyssey.homeunix.org ( [68.190.230.198])
	by mx.gmail.com with ESMTP id j7sm4105102nzd.2006.02.20.18.07.37;
	Mon, 20 Feb 2006 18:07:38 -0800 (PST)
From: Pascal Hofstee <caelian@gmail.com>
To: gnome@freebsd.org
Content-Type: text/plain
Date: Mon, 20 Feb 2006 18:07:36 -0800
Message-Id: <1140487656.847.6.camel@synergy.odyssey.homeunix.org>
Mime-Version: 1.0
X-Mailer: Evolution 2.5.91 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
Cc: 
Subject: Eog Crash while opening jpeg-images with EXIF data
X-BeenThere: freebsd-gnome@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GNOME for FreeBSD -- porting and maintaining
	<freebsd-gnome.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-gnome>,
	<mailto:freebsd-gnome-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-gnome>
List-Post: <mailto:freebsd-gnome@freebsd.org>
List-Help: <mailto:freebsd-gnome-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-gnome>,
	<mailto:freebsd-gnome-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Feb 2006 02:07:40 -0000

i am noticing a consistent eog crash when opening jpeg images with EXIF
data (using MC-gnome, eog-2.13.91) on FreeBSD/amd64 7.0-CURRENT

The line that causes the crash is libeog/eog-metadata-reader.c:231

memcpy ((void*) ((int)(priv->exif_chunk) + priv->bytes_read),
(void*)&buf[i], priv->size);

I am about 99% sure the (int) typecast on priv->exit_chunk is truncating
the 64-bit pointer into 32-bits causing the application to segfault as a
result. I am not 100% on how to properly fix this.

If any of you could have a look at this, that would be appreciated.

-- 
  Pascal Hofstee