CVE-2021-32280: Xfig / Tickets / #107 A Segmentation fault in trans_spline.c

System info

Ubuntu x86_64, clang 6.0, fig2dev (latest master 3a578b)

Configure

CFLAGS="-g -fsanitize=address" LDFLAGS="-fsanitize=address" ./configure

Command line

./fig2dev/fig2dev -L pdf -G .25:1cm -j -m 2 -N -P -x 3 -y 4 @@ /dev/null

AddressSanitizer output

AddressSanitizer:DEADLYSIGNAL ================================================================= ==52196==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x00000054d8d6 bp 0x0ff24e6480f7 sp 0x7ffd3a3d31a0 T0) ==52196==The signal is caused by a READ memory access. ==52196==Hint: address points to the zero page. #0 0x54d8d5 in compute_closed_spline /home/seviezhou/fig2dev/fig2dev/trans_spline.c #1 0x54e1b8 in create_line_with_spline /home/seviezhou/fig2dev/fig2dev/trans_spline.c:495:29 #2 0x541fb7 in read_splineobject /home/seviezhou/fig2dev/fig2dev/read.c:1360:10 #3 0x538e22 in read_objects /home/seviezhou/fig2dev/fig2dev/read.c:419:16 #4 0x538e22 in readfp_fig /home/seviezhou/fig2dev/fig2dev/read.c:151 #5 0x5369eb in read_fig /home/seviezhou/fig2dev/fig2dev/read.c:123:10 #6 0x52c27e in main /home/seviezhou/fig2dev/fig2dev/fig2dev.c:423:12 #7 0x7f92718bfb96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/…/csu/libc-start.c:310 #8 0x41b6f9 in _start (/home/seviezhou/fig2dev/fig2dev/fig2dev+0x41b6f9)

AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/seviezhou/fig2dev/fig2dev/trans_spline.c in compute_closed_spline ==52196==ABORTING