Debian Bug report logs - #421437
groff: grops and grodvi crash on invalid input

version graph

Package: groff-base; Maintainer for groff-base is Colin Watson <>; Source for groff-base is src:groff.

Reported by: "brian m. carlson" <>

Date: Sun, 29 Apr 2007 05:24:01 UTC

Severity: normal

Found in versions groff/, groff/1.20.1-3

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to, Colin Watson <>:
Bug#421437; Package groff-base. Full text and rfc822 format available.

Acknowledgement sent to "brian m. carlson" <>:
New Bug report received and forwarded. Copy sent to Colin Watson <>. Full text and rfc822 format available.

Message #5 received at (full text, mbox):

From: "brian m. carlson" <>
To: Debian Bug Tracking System <>
Subject: groff: grops and grodvi crash on invalid input
Date: Sun, 29 Apr 2007 05:22:07 +0000
[Message part 1 (text/plain, inline)]
Package: groff-base
Severity: normal

Running "cat crash-grops.txt | grops >/dev/null" crashes grops with a
SIGSEGV.  I know, I know, don't do that, but I'm writing a program which
outputs ditroff output suitable[0] for grops, and unfortunately, I'm
anticipating a lot of invalid input.

Identical symptoms occur with "cat crash-grodvi.txt | grodvi >/dev/null";
the input is identical except for the first two lines.

grops (and grodvi, similarly) seem to get confused when a line occurs
with "c ".  CSTR 97 specifies cx as "ASCII character x", but it isn't
very clear if space is to be allowed.  grops does not recover very
gracefully and quickly becomes confused.  If space shouldn't be allowed
there, then grops should just give up immediately rather than crash

[0] Okay, it's obviously not suitable right now, but it's getting there.

-- System Information:
Debian Release: lenny/sid
  APT prefers experimental
  APT policy: (500, 'experimental'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.21-rc6-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages groff-base depends on:
ii  libc6                   2.5-4            GNU C Library: Shared libraries
ii  libgcc1                 1:4.2-20070307-1 GCC support library
ii  libstdc++6              4.2-20070307-1   The GNU Standard C++ Library v3

groff-base recommends no packages.

-- no debconf information

brian m. carlson / brian with sandals: Houston, Texas, US
+1 713 440 7475 | | My opinion only
OpenPGP: RSA v3 2048b 560553E7: FE82 7C9F EB21 5436 2F96 25BA 927B 0A51
[crash-grops.txt (text/plain, attachment)]
[crash-grodvi.txt (text/plain, attachment)]
[signature.asc (application/pgp-signature, inline)]

Bug marked as found in version 1.20.1-3. Request was from Colin Watson <> to (Mon, 20 Jul 2009 16:03:21 GMT) Full text and rfc822 format available.

Changed Bug submitter to '"brian m. carlson" <>' from '"brian m. carlson" <>' Request was from "brian m. carlson" <> to (Thu, 03 Feb 2011 20:51:18 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.

Debian bug tracking system administrator <>. Last modified: Sat Apr 19 12:35:05 2014; Machine Name:

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.