Segfault in seejpeg 1.10

From: Patryk Chmielewski (argv@jaskinia.eu.org)
Date: 11/10/01


Date: Sat, 10 Nov 2001 21:35:38 +0100
From: Patryk Chmielewski <argv@jaskinia.eu.org>
To: vuln-dev@securityfocus.com
Subject: Segfault in seejpeg 1.10
Message-ID: <20011110213538.A3072@jaskinia.eu.org>

I found bug in seejpeg 1.10 but i think it's not expolitable. Let's see:
(my seejpeg don't have suid and i'm showing this bug running seejpeg at root)

My temporary dir is empty:
root@jaskinia:/tmp$ ls
root@jaskinia:/tmp$

Next we must create some empty files:
root@jaskinia:/tmp$ touch fuj
root@jaskinia:/tmp$ touch ble
root@jaskinia:/tmp$ touch chakiery_z_polzki
root@jaskinia:/tmp$

And main part:

root@jaskinia:/tmp# seejpeg *
[many '\n' :)]
Empty input file

svgalib: Signal 11: Segmentation fault received.
Segmentation fault (core dumped)
root@jaskinia:/tmp#

My OS:
argv@jaskinia:~$ uname -a
Linux jaskinia 2.2.20 #1 Sat Nov 3 22:18:56 CET 2001 i686 unknown
argv@jaskinia:~$
argv@jaskinia:~$ cat /etc/slackware-version
8.0.0 (åtta)
argv@jaskinia:~$

What do you think about this?
Can you reproduce this on your machines?

-- 
-=[  Patryk Chmielewski   -> :: <-   argv@jaskinia.eu.org  ]=-
-=[   ******      http://argv.jaskinia.eu.org     ******   ]=-
-=[ "If you lie to the compiler, it will get its revenge." ]=-