
QR codes (with sample minimal demo programme) that segfault during decode; reproducibly.

Open dirkx opened this issue 6 years ago • 5 comments

Below are some images of a binary QR code that segfault deep in quirclib during a decode.

A trivial 'test.c' utility decode-c.txt is used for this test.

Fairly easy to reproduce by doing:

openssl rand 400 > rnd.raw
qrencode -l H -8 -s 8 -r rnd.raw -o qr.png
decode qr.raw > rnd.raw.2 && openssl sha256 rnd.raw.*

a few times (1 in 10 or so fails). Below QR codes segfault on OSX, Linux and FreeBSD; SHA256 of the raw binary shown next to each.

qr 160c8cc11f06d0bd11519c53a5f62ec15cd98cf5dc763dfff5e07a13d1e2797c

qr 75daa67b1aa3ebc67570d8c82ac712bd43eb450a83aeced21ee5236ee261628b

qr 95d1ce7eee8f24f7b4892747c287be3b2825899f84b817e6c0c0e88ee9de5384

dirkx avatar Sep 12 '18 12:09 dirkx

Hi @dirkx ,

Thanks for the report. Unfortunately, I couldn't reproduce the problem with your QR codes (your decode.c program works fine and the output matches the provided sha256 sum) for me. Tested with:

  • MacOSX 10.13.6 / clang 9.1.0
  • Ubuntu 18.04.1 LTS / gcc 7.3.0
  • FreeBSD 11.2-RELEASE-p2 / clang 6.0.0

For completeness, here are the commands I used to compile decode.c:

LDFLAGS="-L /usr/local/lib" CFLAGS="-I /usr/local/include -O0 -g -Wall -DQUIRC_MAX_REGIONS=65534 -fPIC" make clean qrtest
% cc -I lib -I tests -g -O0 -c decode.c
% cc -o decode decode.o tests/dbgutil.o libquirc.a -L /usr/local/lib -lm -lpng -ljpeg

I also tested with -O3 under Ubuntu and through valgrind and gdb, without problem.

kaworu avatar Sep 12 '18 15:09 kaworu

On Wed, Sep 12, 2018 at 05:28:42AM -0700, Dirk-Willem van Gulik wrote:

Below are some images of a binary QR code that segfault deep in quirclib during a decode.

A trivial 'test.c' utility decode-c.txt is used for this test.

Fairly easy to reproduce by doing:

openssl rand 400 > rnd.raw
qrencode -l H -8 -s 8 -r rnd.raw -o qr.png
decode qr.raw > rnd.raw.2 && openssl sha256 rnd.raw.*

a few times (1 in 10 or so fails). Below QR codes segfault on OSX, Linux and FreeBSD; SHA256 of the raw binary shown next to each.

qr 160c8cc11f06d0bd11519c53a5f62ec15cd98cf5dc763dfff5e07a13d1e2797c

qr 75daa67b1aa3ebc67570d8c82ac712bd43eb450a83aeced21ee5236ee261628b

qr 95d1ce7eee8f24f7b4892747c287be3b2825899f84b817e6c0c0e88ee9de5384

I can't reproduce this either, but I did have to change QUIRC_MAX_REGIONS to 65534 to get these codes to work.

Did you also change this macro? If so, did you do a clean build afterwards? Setting it to a value above 254 will change the pixel type to a wider type. That could lead to memory errors if some files were compiled using the narrower type.

Cheers, Daniel

-- Daniel Beer [email protected] http://dlbeer.co.nz/ PGP: BA6E 0B26 1F89 246C E3F3 C910 1E58 C43A 160A 553B

dlbeer avatar Sep 12 '18 22:09 dlbeer
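Daniel's point about QUIRC_MAX_REGIONS changing the pixel type is the classic header-configured ABI hazard: two object files that disagree on sizeof(quirc_pixel_t) disagree on every pixel buffer size. The following is an added example, not quirc's own code, that models that dependency as described above (one byte per pixel up to 254 regions, two bytes above) and shows a runtime guard a consumer could call before handing buffers to the library; pixel_width_for_regions(), overrun_bytes() and abi_check() are hypothetical names.

```c
/* Added example, not quirc's own code: models how the QUIRC_MAX_REGIONS build
 * macro selects the width of quirc_pixel_t (wider above 254, as the maintainer
 * describes) and what mixing objects built with different values does to pixel
 * buffer sizes. All function names here are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#ifndef QUIRC_MAX_REGIONS
#define QUIRC_MAX_REGIONS 254          /* default mentioned in the thread */
#endif

#if QUIRC_MAX_REGIONS <= 254
typedef uint8_t quirc_pixel_t;         /* one byte per pixel */
#else
typedef uint16_t quirc_pixel_t;        /* two bytes per pixel */
#endif

/* Pixel width (bytes) a translation unit built with this value assumes. */
size_t pixel_width_for_regions(int max_regions)
{
    return max_regions <= 254 ? sizeof(uint8_t) : sizeof(uint16_t);
}

/* Bytes a consumer built with consumer_width would touch beyond a w x h
 * buffer the library allocated with library_width; 0 when it fits. */
size_t overrun_bytes(int w, int h, size_t library_width, size_t consumer_width)
{
    size_t lib = (size_t)w * (size_t)h * library_width;
    size_t use = (size_t)w * (size_t)h * consumer_width;
    return use > lib ? use - lib : 0;
}

/* Runtime ABI guard: the caller passes sizeof(quirc_pixel_t) from its own
 * build and the library compares it with the width it was compiled with.
 * Returns 1 on agreement, 0 on a mismatch. */
int abi_check(size_t caller_pixel_width)
{
    return caller_pixel_width == sizeof(quirc_pixel_t);
}

int main(void)
{
    /* Constructed case: library left at 254, a stale caller object at 65534. */
    size_t lib = pixel_width_for_regions(254);
    size_t app = pixel_width_for_regions(65534);
    printf("overrun on 640x480: %zu bytes, abi ok: %d\n",
           overrun_bytes(640, 480, lib, app), abi_check(app));
    return 0;
}
```

A real library would expose the check as an exported function whose result the consumer compares against a constant from its own copy of the header, so a stale object file fails loudly at startup instead of faulting deep inside the decoder.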

On 12 Sep 2018, at 17:48, Alexandre Perrin [email protected] wrote:

Hi @dirkx https://github.com/dirkx ,

Thanks for the report. Unfortunately, I couldn't reproduce the problem with your QR codes (your decode.c program works fine and the output match the provided sha256 sum) for me. Tested with:

  • MacOSX 10.13.6 / clang 9.1.0
  • Ubuntu 18.04.1 LTS / gcc 7.3.0
  • FreeBSD 11.2-RELEASE-p2 / clang 6.0.0

For completeness, here are the commands I used to compile decode.c:

LDFLAGS="-L /usr/local/lib" CFLAGS="-I /usr/local/include -O0 -g -Wall -DQUIRC_MAX_REGIONS=65534 -fPIC" make clean qrtest
% cc -I lib -I tests -g -O0 -c decode.c
% cc -o decode decode.o tests/dbgutil.o libquirc.a -L /usr/local/lib -lm -lpng -ljpeg

I also tested with -O3 under Ubuntu and through valgrind and gdb, without problem.

Ok - will check in a bit more detail to see what is going on - and worst case get you a tar-gz of the actual compiled ensemble. Have noticed that the error/segfault differs between a -O3 and no -O at all.

Dw.

dirkx avatar Sep 13 '18 09:09 dirkx

On 13 Sep 2018, at 00:36, Daniel Beer [email protected] wrote:

On Wed, Sep 12, 2018 at 05:28:42AM -0700, Dirk-Willem van Gulik wrote:

Below are some images of a binary QR code that segfault deep in quirclib during a decode. .. I can't reproduce this either, but I did have to change QUIRC_MAX_REGIONS to 65534 to get these codes to work.

I’ve most certainly not done that — nor seen the tool emit something that suggests such was needed on the three platforms tried.

Should it have given me an error about ‘max regions too small’?

Dw

dirkx avatar Sep 13 '18 09:09 dirkx

On Thu, Sep 13, 2018 at 02:15:41AM -0700, Dirk-Willem van Gulik wrote:

On 13 Sep 2018, at 00:36, Daniel Beer [email protected] wrote:

On Wed, Sep 12, 2018 at 05:28:42AM -0700, Dirk-Willem van Gulik wrote:

Below are some images of a binary QR code that segfault deep in quirclib during a decode. .. I can't reproduce this either, but I did have to change QUIRC_MAX_REGIONS to 65534 to get these codes to work.

I’ve most certainly not done that — nor seen the tool emit something that suggests such was needed on the three platforms tried.

Should it have given me an error about ‘max regions too small’?

No, if the number of regions were too small it would just fail to identify some codes in large images.

Cheers, Daniel

-- Daniel Beer [email protected] http://dlbeer.co.nz/ PGP: BA6E 0B26 1F89 246C E3F3 C910 1E58 C43A 160A 553B

dlbeer avatar Sep 13 '18 21:09 dlbeer