Debian Bug report logs - #662603
libarchive12: infinite loop (cpu 100%) while processing xps files

version graph

Package: libarchive12; Maintainer for libarchive12 is Debian Libarchive Maintainers <ah-libarchive@debian.org>; Source for libarchive12 is src:libarchive.

Reported by: Savvas Radevic <vicedar@gmail.com>

Date: Mon, 5 Mar 2012 09:45:02 UTC

Severity: important

Found in version libarchive/3.0.3-5

Fixed in version libarchive/3.0.3-6

Done: Andreas Henriksson <andreas@fatal.se>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Libarchive Maintainers <ah-libarchive@debian.org>:
Bug#662603; Package libarchive12. (Mon, 05 Mar 2012 09:45:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Savvas Radevic <vicedar@gmail.com>:
New Bug report received and forwarded. Copy sent to Debian Libarchive Maintainers <ah-libarchive@debian.org>. (Mon, 05 Mar 2012 09:45:05 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Savvas Radevic <vicedar@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libarchive12: infinite loop (cpu 100%) while processing xps files
Date: Mon, 5 Mar 2012 10:43:35 +0100
Package: libarchive12
Version: 3.0.3-5
Severity: important

I believe this bug is important because it blocks the use of libgxps-utils
(e.g. xpstopdf conversion tool).

Complete description of the bug:
"infinite loop on an xps zip file"
https://code.google.com/p/libarchive/issues/detail?id=226#c5
Related merge that fixes the issue:
https://github.com/libarchive/libarchive/commit/f7cd53ca1eda0d08fc3b3876ed474321b9f70ac7

Namely, if you try to use libarchive12, it will keep reading the xps file
indefinitely with 100% CPU.

I have created a quilt patch (based on the merge above) for the debian package:
https://gist.github.com/1974141

-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-16-generic (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libarchive12 depends on:
ii  libacl1          2.2.51-3                Access control list shared library
ii  libattr1         1:2.4.46-3              Extended attribute shared library
ii  libbz2-1.0       1.0.5-6ubuntu1.11.10.1  high-quality block-sorting file co
ii  libc6            2.13-20ubuntu5          Embedded GNU C Library: Shared lib
ii  liblzma2         5.0.0-2                 XZ-format compression library
ii  libnettle4       2.1-2                   low level cryptographic library (s
ii  libxml2          2.7.8.dfsg-4ubuntu0.2   GNOME XML library
ii  zlib1g           1:1.2.3.4.dfsg-3ubuntu3 compression library - runtime

libarchive12 recommends no packages.

libarchive12 suggests no packages.

-- no debconf information




Reply sent to Andreas Henriksson <andreas@fatal.se>:
You have taken responsibility. (Mon, 05 Mar 2012 16:36:18 GMT) Full text and rfc822 format available.

Notification sent to Savvas Radevic <vicedar@gmail.com>:
Bug acknowledged by developer. (Mon, 05 Mar 2012 16:36:18 GMT) Full text and rfc822 format available.

Message #10 received at 662603-close@bugs.debian.org (full text, mbox):

From: Andreas Henriksson <andreas@fatal.se>
To: 662603-close@bugs.debian.org
Subject: Bug#662603: fixed in libarchive 3.0.3-6
Date: Mon, 05 Mar 2012 16:34:08 +0000
Source: libarchive
Source-Version: 3.0.3-6

We believe that the bug you reported is fixed in the latest version of
libarchive, which is due to be installed in the Debian FTP archive:

bsdcpio_3.0.3-6_amd64.deb
  to main/liba/libarchive/bsdcpio_3.0.3-6_amd64.deb
bsdtar_3.0.3-6_amd64.deb
  to main/liba/libarchive/bsdtar_3.0.3-6_amd64.deb
libarchive-dev_3.0.3-6_amd64.deb
  to main/liba/libarchive/libarchive-dev_3.0.3-6_amd64.deb
libarchive12_3.0.3-6_amd64.deb
  to main/liba/libarchive/libarchive12_3.0.3-6_amd64.deb
libarchive_3.0.3-6.debian.tar.gz
  to main/liba/libarchive/libarchive_3.0.3-6.debian.tar.gz
libarchive_3.0.3-6.dsc
  to main/liba/libarchive/libarchive_3.0.3-6.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 662603@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Henriksson <andreas@fatal.se> (supplier of updated libarchive package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 05 Mar 2012 16:23:05 +0100
Source: libarchive
Binary: libarchive-dev libarchive12 bsdtar bsdcpio
Architecture: source amd64
Version: 3.0.3-6
Distribution: unstable
Urgency: low
Maintainer: Debian Libarchive Maintainers <ah-libarchive@debian.org>
Changed-By: Andreas Henriksson <andreas@fatal.se>
Description: 
 bsdcpio    - Implementation of the 'cpio' program from FreeBSD
 bsdtar     - Implementation of the 'tar' program from FreeBSD
 libarchive-dev - Multi-format archive and compression library (development files)
 libarchive12 - Multi-format archive and compression library (shared library)
Closes: 662603
Changes: 
 libarchive (3.0.3-6) unstable; urgency=low
 .
   * Add patch to fix infinite loop in xps files (Closes: #662603)
     - Thanks for the patch to Savvas Radevic!
Checksums-Sha1: 
 26682ed89ac69d17c57b507fe64d73769271df32 1612 libarchive_3.0.3-6.dsc
 c5be865b41fd7cc04fa2c5fa435b7fb72b73f3b8 25655 libarchive_3.0.3-6.debian.tar.gz
 13d75d844585dd1c6efc6c33b64b81dfa259cd61 445058 libarchive-dev_3.0.3-6_amd64.deb
 2f20bfbca3e1ceac928796cbacebb38b39302b88 280508 libarchive12_3.0.3-6_amd64.deb
 26c4aea0a6385af21da6cb4be7ec4bcb31e50c8f 63286 bsdtar_3.0.3-6_amd64.deb
 2f005791f3fe74a62e029b1290502fe2f19dc8a6 42230 bsdcpio_3.0.3-6_amd64.deb
Checksums-Sha256: 
 6605637a7f03b97b7bb64f09d07baa08258d1f052c5cb78f26130038b095e8aa 1612 libarchive_3.0.3-6.dsc
 5c5ee2d961c8453bb20f3c105680d99b9c0ffa18193c7b06ada0190fe9baf24b 25655 libarchive_3.0.3-6.debian.tar.gz
 9e5e810a0ba8c7a131fa628bfc4f97d4b96558ed0bffb4fd0a7f2e275be82290 445058 libarchive-dev_3.0.3-6_amd64.deb
 739d9f22389f940e226f83397a80fc17863a373eaf014a12604a2ff9bf8824b4 280508 libarchive12_3.0.3-6_amd64.deb
 a7c9e1c74137d4d47c2c6961afd40d232e7484f7518ba9a82a805b3d07e921a3 63286 bsdtar_3.0.3-6_amd64.deb
 1dec29cab35a99f7738b79af190be3ed9085244d86e9c073bc0d67a0c3f4bbe1 42230 bsdcpio_3.0.3-6_amd64.deb
Files: 
 9af6ed592faa318fd5e521d61a433b88 1612 libs optional libarchive_3.0.3-6.dsc
 addcf7306ecf203cb33afc4a61cfbe68 25655 libs optional libarchive_3.0.3-6.debian.tar.gz
 0f01bddb7807a70920f06b98f881a10b 445058 libdevel optional libarchive-dev_3.0.3-6_amd64.deb
 293bf53bbdac1da03b76ffe55acf42fc 280508 libs optional libarchive12_3.0.3-6_amd64.deb
 ade3505854cc05fa849ccd790725967c 63286 utils optional bsdtar_3.0.3-6_amd64.deb
 ad5d001ccb58a9cf7e9ad688e548c516 42230 utils optional bsdcpio_3.0.3-6_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAk9U6ZYACgkQcgQ2cL3l8e4ySACg1uEG97Ex0tR31u4QQ+8CN2Jd
8egAnjE2E1ObeqjohXXzsl6e+m0O3iwY
=XnuT
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 13 Apr 2012 07:36:16 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 14:32:44 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.