Script-fu crashed when High-Entropy ASLR is enforced
GIMP version: 2.10.4
Operating System: Windows 10 (April 2018 update, x64, August 2018 build, build 17134.228)
Package: Default GIMP.org installer for Windows
Description of the bug
Script-fu crashes when High-Entropy ASLR is enforced. Items that rely on the proper functioning of Script-fu are missing (for example, Zealous Crop, or functions related to Guides such as adding a guide by percentage or permanently removing all guides in the document). While mandatory ASLR is disabled by default, it is enabled by enterprises to minimise the attack surface of their work computers.
Reproduction
Is the bug reproducible? Always
Reproduction steps:
To enable High-Entropy ASLR:
- Open Windows Defender Security Center.
- Tap App & browser control.
- Scroll down to Exploit Protection, and access its settings.
- On System settings, ensure that at least Mandatory ASLR, Bottom-up ASLR, and High-Entropy ASLR are turned on by default.
- Confirm UAC and enter credentials when prompted (depending on computer configuration).
- Restart computer to apply settings.
To start GIMP:
- Access Start and run GIMP.
- GIMP will start normally.
Results
Expected result: All plug-ins are working and no further action is required to activate them.
Actual result: Script-fu crashed silently. Items which rely on Script-fu are missing.
Additional information
Workaround
- Open Windows Defender Security Center.
- Tap App & browser control.
- Scroll down to Exploit Protection, and access its settings.
- On Program Settings, press the Add button (+) and select `Choose exact path`.
- Find the Script-fu plugin (by default, on `C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe`).
- A window will open. Scroll down to `Randomize memory allocations`.
- Override the system settings and enable `Don't use high entropy`.
- Press Apply, confirm UAC when prompted, and restart GIMP.
Windows program crash information
Source: GNU Image Manipulation Program Plug-In
Summary: Stopped working
Date: 21/08/2018 18:11
Status: Report sent
Description:
Faulting Application Path: C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe
Problem signature
Problem Event Name: APPCRASH
Application Name: script-fu.exe
Application Version: 2.10.4.0
Application Timestamp: 00000000
Fault Module Name: script-fu.exe
Fault Module Version: 2.10.4.0
Fault Module Timestamp: 00000000
Exception Code: c0000005
Exception Offset: 0000000000018480
OS Version: 10.0.17134.2.0.0.256.48
Locale ID: 2057
Additional Information 1: 2b6e
Additional Information 2: 2b6ecd0baee95c16eadcde5dfff51a74
Additional Information 3: c412
Additional Information 4: c4126cee37a1735b71f00317b70269c0
Extra information about the problem
Bucket ID: 78833e92fdae82b29447200c67c7248c (1461171841757815948)
Information collected from --verbose
...
Starting extension: 'extension-script-fu'
C:\Program Files\GIMP 2\bin\gimp-2.10.exe: LibGimpBase-WARNING: gimp-2.10.exe: gimp_wire_read(): error
GIMP-Error: Plug-in crashed: "script-fu.exe"
(C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe)
The dying plug-in may have messed up GIMP's internal state. You may want to save your images and restart GIMP to be on the safe side.
INIT: gui_restore_after_callback
...
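
The workaround steps above can also be applied from an elevated PowerShell prompt, which is easier to roll out to managed machines. This is an added example, not part of the original report; it uses the `Get-ProcessMitigation` and `Set-ProcessMitigation` cmdlets that ship with Windows 10 and assumes the default plug-in path quoted in the report.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted form of the per-program override from the workaround.
# The path is the default install location quoted in the report; adjust it if
# GIMP is installed elsewhere.
$PluginPath = 'C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe'

if (-not (Test-Path -LiteralPath $PluginPath -PathType Leaf)) {
    throw "script-fu.exe not found at $PluginPath"
}

# Record the system-wide ASLR policy first, so the override is made against
# a known baseline (the report has all three settings enabled).
$system = Get-ProcessMitigation -System
$system.Aslr | Format-List ForceRelocateImages, BottomUp, HighEntropy

# Override only HighEntropy, and only for this one executable (exact path,
# as in the GUI steps). Mandatory ASLR (ForceRelocateImages) and Bottom-up
# ASLR are not touched and keep following the system policy.
Set-ProcessMitigation -Name $PluginPath -Disable HighEntropy

# Read back the per-program entries for the image name to confirm what was
# recorded before restarting GIMP.
Get-ProcessMitigation -Name 'script-fu.exe' |
    ForEach-Object { $_.Aslr | Format-List ForceRelocateImages, BottomUp, HighEntropy }

# To drop the override once a fixed GIMP build is installed:
# Set-ProcessMitigation -Name $PluginPath -Remove -Disable HighEntropy
```

Scoping the override to the exact path leaves High-Entropy ASLR enforced for every other process, including `gimp-2.10.exe` itself.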