- Package:
- ghostscript
- Source:
- ghostscript
- Description:
- interpreter for the PostScript language and for PDF
- Submitter:
- Ryo Furue
- Date:
- 2024-02-25 05:03:08 UTC
- Severity:
- important
- Tags:
Epstool crashes as follows. I'm attaching the PostScript file that causes it. $ epstool --copy --quiet --output - -b tmp.eps ERROR: /typecheck in --aload-- Operand stack: --nostringval-- Execution stack: %interp_exit .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- --nostringval-- false 1 %stopped_push 1 3 %oparray_pop 1 3 %oparray_pop 1 3 %oparray_pop 1 3 %oparray_pop .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- Dictionary stack: --dict:1122/1686(ro)(G)-- --dict:0/20(G)-- --dict:126/200(L)-- Current allocation mode is local Current file position is 291427 *** glibc detected *** epstool: double free or corruption (!prev): 0x08093158 *** ======= Backtrace: ========= /lib/i686/cmov/libc.so.6[0x4009c915] /lib/i686/cmov/libc.so.6(cfree+0x90)[0x400a0380] /lib/i686/cmov/libc.so.6(fclose+0x134)[0x4008b274] epstool[0x804a46a] epstool[0x804b5a9] epstool[0x804e5a8] /lib/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0x40047450] epstool[0x8048db1] ======= Memory map: ======== 08048000-08081000 r-xp 00000000 08:01 8372369 /usr/bin/epstool 08081000-08082000 rw-p 00039000 08:01 8372369 /usr/bin/epstool 08082000-080b3000 rw-p 08082000 00:00 0 [heap] 40000000-4001c000 r-xp 00000000 08:01 25247783 /lib/ld-2.7.so 4001c000-4001e000 rw-p 0001b000 08:01 25247783 /lib/ld-2.7.so 4001e000-40020000 rw-p 4001e000 00:00 0 40031000-40178000 r-xp 00000000 08:01 25265123 /lib/i686/cmov/libc-2.7.so 40178000-40179000 r--p 00147000 08:01 25265123 /lib/i686/cmov/libc-2.7.so 40179000-4017b000 rw-p 00148000 08:01 25265123 /lib/i686/cmov/libc-2.7.so 4017b000-4017f000 rw-p 4017b000 00:00 0 4017f000-4018b000 r-xp 00000000 08:01 25247751 /lib/libgcc_s.so.1 4018b000-4018c000 rw-p 0000b000 08:01 25247751 /lib/libgcc_s.so.1 40200000-40221000 rw-p 40200000 00:00 0 40221000-40300000 ---p 40221000 00:00 0 bff47000-bff5d000 rw-p bff47000 00:00 0 [stack] ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso] Aborted $ <<<<<<<<<<<<<<<<<<< Hope this helps, Ryo
--- Please enter the report below this line. --- I can reproduce the reported behaviour and I think it's the broken eps that causes the crash. This should be reported to upstream so they can fix it. Debian Release: squeeze/sid 500 testing security.debian.org 500 testing ftp.uni-kl.de 500 testing ftp.de.debian.org 500 lenny-cran ftp5.gwdg.de --- Package information. --- Depends (Version) | Installed ==========================-+-=========== libc6 (>= 2.3) | 2.9-25 ghostscript | 8.70~dfsg-2 Package's Recommends field is empty. Package's Suggests field is empty.
reassign 469761 ghostscript retitle 469761 file crashes ps2pdf/epstool/ghostscript thanks Hi, I think it's actually a bug in ghostscript as ps2pdf throws the same error as epstool. Could you please forward it upstream? Best, Philip
as epstool. Tested with ghostscript 10.02.1 and the issue remains: $ ps2pdf tmp.eps Error: /typecheck in --aload-- Operand stack: --nostringval-- Execution stack: %interp_exit .runexec2 --nostringval-- -- nostringval-- --nostringval-- 2 %stopped_push --nostringval-- -- nostringval-- --nostringval-- false 1 %stopped_push 1944 1 3 %oparray_pop 1943 1 3 %oparray_pop 1942 1 3 %oparray_pop -- nostringval-- 1928 1 3 %oparray_pop 1801 1 3 %oparray_pop -- nostringval-- %errorexec_pop .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- Dictionary stack: --dict:748/1123(ro)(G)-- --dict:0/20(G)-- --dict: 111/200(L)-- Current allocation mode is local Current file position is 291380 GPL Ghostscript 10.02.1: Unrecoverable error, exit code 1
corruption"). That is gone. When I tested earlier this year, I noted the diagnostic " Error: /typecheck in --aload--" was the same so I left the bug open. -- -- nostringval-- However, this diagnostic does seem to me a valid report indicating the eps file is buggy. I was able to track down the problem to a line containing "0 o", which attempts to obtain index zero of array "ct", but element zero is never set. I was able to render the file by inserting the following at line 196: ct 0 [0.000000 0.000000 0.000000] put Regards, -Steve