Version 1.5.0 and older don't conform to the AArch64 ABI

Bug #1669545 reported by Cosmin
This bug affects 1 person
Affects: libjpeg-turbo (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

Two ABI conformance issues for AArch64 have been fixed upstream in version 1.5.1:

https://github.com/libjpeg-turbo/libjpeg-turbo/commit/1120ff29a178ee666504f0067e7c079a6b792296

https://github.com/libjpeg-turbo/libjpeg-turbo/commit/cb88e5da8003afcdc443b787fdcb77285e5a8a02

The first one doesn't seem to have affected the Ubuntu builds, but the second one is present in package 1.4.2-0ubuntu3 for Xenial and I assume also in the 1.5.0 and 1.3.0 packages. Long story short, the manually implemented NEON routines stored data above the stack pointer, which is prohibited by the ABI. That data can get overwritten at any point, for example if a signal is delivered to the application, which then results in data corruption and/or crashes (the return address being one of the values stored above the stack pointer).

Tags: arm64
Cosmin (cosmin)
tags: added: arm64
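
A way to check a build for the pattern the report describes, as an added example that is not part of the bug report or of libjpeg-turbo: a heuristic scan of AArch64 disassembly for stores that land outside the allocated frame, at addresses lower than `sp`, without moving `sp` first. It assumes input in the layout of `objdump -d --no-show-raw-insn`; the function name and the sample listing are constructed for illustration.

```python
import re

# Constructed sample in `objdump -d --no-show-raw-insn` layout (not libjpeg-turbo code).
SAMPLE = """\
0000000000000000 <good_prologue>:
   0: stp x29, x30, [sp, #-16]!
   4: mov x29, sp
   8: ldp x29, x30, [sp], #16
   c: ret
0000000000000010 <bad_spill>:
  10: stp x29, x30, [sp, #-16]
  14: sub x9, sp, #64
  18: st1 {v8.8b-v11.8b}, [x9]
  1c: ldp x29, x30, [sp, #-16]
  20: ret
"""

LABEL = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
INSN = re.compile(r"^\s*[0-9a-f]+:\s+(\S+)\s*(.*)$")
NEG_SP = re.compile(r"\[sp,\s*#-\d+\](?!!)")      # negative offset, no writeback
SUB_FROM_SP = re.compile(r"^(x\d+),\s*sp,\s*#\d+")  # xN = sp - imm
BASE = re.compile(r"\[(x\d+)")
SP_WRITEBACK = re.compile(r"\[sp[^\]]*\](!|,\s*#)")

def find_below_sp_stores(disasm):
    """Return (function, instruction) pairs for stores below the current sp."""
    findings, func, below = [], None, set()  # below: registers holding sp - imm
    for line in disasm.splitlines():
        m = LABEL.match(line.strip())
        if m:
            func, below = m.group(1), set()
            continue
        m = INSN.match(line)
        if not m:
            continue
        mnem, ops = m.groups()
        if mnem.startswith("st"):  # str, stp, stur, st1..st4, ...
            base = BASE.search(ops)
            if NEG_SP.search(ops) or (base and base.group(1) in below):
                findings.append((func, line.strip()))
        else:
            dest = ops.split(",")[0].strip()
            if mnem == "sub" and SUB_FROM_SP.match(ops):
                below.add(dest)
            else:
                below.discard(dest)  # register overwritten, stop tracking it
        if ops.startswith("sp,") or SP_WRITEBACK.search(ops):
            below.clear()  # sp moved, earlier sp - imm values may now be in-frame
    return findings
```

The scan is deliberately conservative: it tracks only `sub xN, sp, #imm` aliases within one function and reports stores, so a hit is a candidate for manual review rather than proof of a violation.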