Fend off meaningless fuzzer attacks.

a8a76156 · Eric S. Raymond · 34b4105c · a8a76156 · a8a76156 · a8a76156
Commit a8a76156 authored Jun 20, 2019 by Eric S. Raymond
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 2 deletions

NEWS NEWS +3 -0

gif2png.c gif2png.c +10 -1

gif2png.xml gif2png.xml +11 -1

No files found.
--- a/NEWS
+++ b/NEWS
 = gifpng project news ==

+2.5.14::
+  Redirect segfault to a graceful exit.
+
 2.5.13: 2019-03-21::
  Include NEWS and test directory in distributed tarball.


--- a/gif2png.c
+++ b/gif2png.c
@@ -13,6 +13,7 @@
 #include <sys/stat.h>
 #include <utime.h>
 #include <stdbool.h>
+#include <signal.h>

 #include "gif2png.h"

@@ -823,6 +824,12 @@ static bool input_is_terminal(void)
    return isatty(fileno(stdin))!=0;
 }

+static void bailout(int sig)
+{
+    (void)fprintf(stderr, "gif2png: GIF is fatally malformed, bailing out.\n");
+    exit(2);
+}
+
 int main(int argc, char *argv[])
 {
    FILE *fp;
@@ -833,6 +840,8 @@ int main(int argc, char *argv[])
    int ac;
    char *color;

+    signal(SIGSEGV, bailout);
+
    software_chunk = true;

    for (ac = 1; ac < argc && argv[ac][0] == '-'; ac++)
@@ -991,5 +1000,5 @@ int main(int argc, char *argv[])
 		      errors!=0? "with one or more errors" : "no errors detected", 
 		      numgifs, (numgifs == 1) ? "" : "s", numpngs, (numpngs == 1)? "" : "s");

-    return errors;
+    return (errors > 0) ? 1 : 0;
 }
--- a/gif2png.xml
+++ b/gif2png.xml
@@ -208,7 +208,11 @@ conversion is completed anyway).  Also, use zlib compression level 9

 </refsect1>

-<refsect1 id='problems'><title>PROBLEMS</title>
+<refsect1 id='problems'><title>LIMITATIONS</title>
+
+<para>A sufficiently malformed GIF can confuse this program seriously
+enough to segfault it. If this happens while processing multiple GIFs,
+conversion of the batch will be interrupted.</para>

 <para>Naively converting all your GIFs at one go with
 <command>gif2png</command> is not likely to give you the results you
@@ -220,6 +224,12 @@ converting web sites.  In versions of this tool up to 2.5.2
 it filtered out GIFs with transparency as well as GIFs with
 animations, but support for PNG transparency has been universal
 in browsers since about 2006.</para>
+</refsect1>
+
+<refsect1 id='returns'><title>RETURN VALUES</title> <para>Normally
+returns 0 for successful comp[letion.  A return of 1 is a recoverable
+error (batch processing continues), A return of 2 is an unrecoverable
+error.</para>

 </refsect1>