691248 – jbig2dec doesn't handle 042_11 (Huffman Symbol Region)

Bug 691248 - jbig2dec doesn't handle 042_11 (Huffman Symbol Region)

Summary: jbig2dec doesn't handle 042_11 (Huffman Symbol Region)

Status:	RESOLVED FIXED

Alias:	None

Product:	jbig2dec
Classification:	Unclassified
Component:	Rendering (show other bugs)
Version:	master
Hardware:	PC Linux

Importance:	P4 normal
Assignee:	Masaki Ushizaka

URL:
Keywords:

Depends on:	689836 690094
Blocks:	689853
	Show dependency tree

Reported:	2010-04-16 06:12 UTC by Ralph Giles
Modified:	2010-06-22 07:44 UTC (History)
CC List:	0 users

See Also:
Customer:
Word Size:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ralph Giles 2010-04-16 06:12:15 UTC

jbig2dec doesn't handle the ubc testsuite file 042_11.jb2. In fact, current HEAD segfaults for me:

$ gdb ./jbig2dec
[...]
(gdb) run ../ubc/042_11.jb2 
Starting program: /home/giles/projects/jbig2/jbig2dec/jbig2dec ../ubc/042_11.jb2

Program received signal SIGSEGV, Segmentation fault.
0x000000000040fb41 in jbig2_image_clone (ctx=0x619250, image=0x0)
    at jbig2_image.c:63
63		image->refcount++;
(gdb) bt
#0  0x000000000040fb41 in jbig2_image_clone (ctx=0x619250, image=0x0)
    at jbig2_image.c:63
#1  0x0000000000408131 in jbig2_decode_symbol_dict (ctx=0x619250, 
    segment=0x61a4c0, params=0x7fffffffcbc0, data=0x62879a "@", size=60754, 
    GB_stats=0x0, GR_stats=0x0) at jbig2_symbol_dict.c:714
#2  0x00000000004089b3 in jbig2_symbol_dictionary (ctx=0x619250, 
    segment=0x61a4c0, segment_data=0x628790 "") at jbig2_symbol_dict.c:916
#3  0x000000000040532c in jbig2_parse_segment (ctx=0x619250, segment=0x61a4c0, 
    segment_data=0x628790 "") at jbig2_segment.c:236
#4  0x0000000000404806 in jbig2_data_in (ctx=0x619250, 
    data=0x7fffffffcd90 "\026\b\036\023v\032A4\033a%pC\t\240\330a&\324\020qa8\177}\253\252\247\240BE\034\223\222xB\031\034\202\021\026\020\210\210\212B\"\"!\221\311\b\210\210\213\bDD;h!\304DCh\020a\b\210\350 \301\ba\aHDDDE\202\026\020\210\210\210\210\206\020lDD0\203h&\322\026\341\064\342\"\"\033L\230\342\034D[A\006\020\210hE\204,\020\210\270\210hq\026\020\264\301\b\210\206\230A\204\032`\205\304\064Ћ\b\030B,\216/\033N\305C\tBcb\232b\232i\215\214 \330\240\305\064\305lS\025\024\304&)\246)\215\212b\232i\246\066)\212\016\306\323\033\024\306\301\202Aؓ\034L8D"..., size=4096) at jbig2.c:316
#5  0x00000000004018eb in main (argc=2, argv=0x7fffffffded8) at jbig2dec.c:448

Comment 1 Ralph Giles 2010-04-16 06:12:36 UTC

Segfaults get higher priority.

Comment 2 Ralph Giles 2010-04-16 06:13:59 UTC

We also segfault on 042_14.jb2, with a very similar backtrace.

Comment 3 Masaki Ushizaka 2010-04-21 07:06:58 UTC

The segfault was caused by modification in r11074 (bug 690094).  Please see comment 16 in bug 690094.

Comment 4 Masaki Ushizaka 2010-04-21 08:50:08 UTC

The regression caused by r11074 was fixed in r11093.
42_11.jb2 stopped segfault, but the resulting image is not correct.
The text after line 6 is shifted upward.
Changing priority to P4.

042_14.jb2 still segfaults in other code.  This already happened in jbig2dec 0.11 (r10691).
I will open an another bug for this file.

Comment 5 Masaki Ushizaka 2010-06-17 13:04:00 UTC

Remaining problem was caused by Standard Huffman Table K malfunction.  b689836_b2.patch in bug 689836 addresses this issue.

Comment 6 Masaki Ushizaka 2010-06-22 07:44:39 UTC

This was fixed in r11415.