[Poppler-bugs] [Bug 22468] New: Not initialized pointer at AnnotColor constructor

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Thu Jun 25 05:36:01 PDT 2009


http://bugs.freedesktop.org/show_bug.cgi?id=22468

           Summary: Not initialized pointer at AnnotColor constructor
           Product: poppler
           Version: unspecified
          Platform: Other
        OS/Version: Linux (All)
            Status: NEW
          Severity: major
          Priority: high
         Component: general
        AssignedTo: poppler-bugs at lists.freedesktop.org
        ReportedBy: igorenbein at finjan.com


Created an attachment (id=27127)
 --> (http://bugs.freedesktop.org/attachment.cgi?id=27127)
patch

Hello,

An uninitialized 'values' pointer in the AnnotColor class causes poppler to crash at
destruction.

Call stack:

Program terminated with signal 6, Aborted.
#0  0xb72a3947 in raise () from /lib/tls/libc.so.6
(gdb) bt
#0  0xb72a3947 in raise () from /lib/tls/libc.so.6
#1  0xb72a50c9 in abort () from /lib/tls/libc.so.6
#2  0xb72d8fda in __fsetlocking () from /lib/tls/libc.so.6
#3  0xb72e089f in mallopt () from /lib/tls/libc.so.6
#4  0xb72e0942 in free () from /lib/tls/libc.so.6
#5  0xb593f031 in gfree (p=0x0) at gmem.cc:290
#6  0xb588ec73 in ~AnnotColor (this=0x837e8e8) at Annot.cc:648
#7  0xb588f083 in ~AnnotAppearanceCharacs (this=0x1e) at Annot.cc:807
#8  0xb588f8ba in ~AnnotWidget (this=0x837f420) at Annot.cc:1849
#9  0xb588eb4f in ~Annots (this=0x8309218) at Annot.cc:4051
#10 0xb5aaaaa3 in finjan::PDFDocument::displayPage (this=0x81a8428, p=@0x837c538, showAnnots=false, fetchJS=true)
    at /usr/lib/gcc/i486-linux-gnu/4.1.2/../../../../include/c++/4.1.2/memory:259

The 'values' pointer should be initialized in the 'AnnotColor::AnnotColor(Array
*array)' constructor. There is a flow in which this pointer stays uninitialized
and is then freed in the destructor, which leads to a crash.

Test URL: http://www.districtboston.com/pdfs/Press_04.pdf 

Patch is attached.


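The failure mode described in the report, as an added example that is not part of the original message and not poppler's code: a simplified class whose constructor can skip assigning an owning pointer that the destructor frees, beside a version that gives the members a safe state first. The class names, the 1-to-4 component rule and the sample values are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdlib>
#include <cstring>

// Simplified model of the reported pattern; names are hypothetical, not poppler's.
// Before: one constructor path never assigns 'values', yet the destructor frees it.
class ColorBefore {
public:
    ColorBefore(const double *comps, std::size_t n) {
        if (n >= 1 && n <= 4) {  // assumed rule: only 1 to 4 components accepted
            values = static_cast<double *>(std::malloc(n * sizeof(double)));
            if (values) std::memcpy(values, comps, n * sizeof(double));
        }  // any other n: 'values' is left indeterminate
    }
    ~ColorBefore() { std::free(values); }  // frees an indeterminate pointer on that path
private:
    double *values;
};

// After: members get a safe state before any early exit, so the destructor is always valid.
class ColorAfter {
public:
    ColorAfter(const double *comps, std::size_t n) : values(nullptr), length(0) {
        if (comps == nullptr || n < 1 || n > 4) return;  // unsupported input: stay empty
        values = static_cast<double *>(std::malloc(n * sizeof(double)));
        if (values == nullptr) return;                   // allocation failure: stay empty
        std::memcpy(values, comps, n * sizeof(double));
        length = n;
    }
    ~ColorAfter() { std::free(values); }  // free(nullptr) is a defined no-op
    ColorAfter(const ColorAfter &) = delete;  // owning raw pointer: forbid shallow copies
    ColorAfter &operator=(const ColorAfter &) = delete;
    std::size_t size() const { return length; }
    double at(std::size_t i) const { return i < length ? values[i] : 0.0; }
private:
    double *values;
    std::size_t length;
};

// Drives the path the "before" class mishandles: five components, then destruction.
bool unsupported_count_is_safe() {
    const double five[5] = {0.1, 0.2, 0.3, 0.4, 0.5};  // constructed sample input
    ColorAfter c(five, 5);
    return c.size() == 0;
}

int main() { return unsupported_count_is_safe() ? 0 : 1; }
```

`ColorBefore` is shown only for comparison and is never instantiated; building the "after" class with AddressSanitizer or running it under Valgrind is a quick way to confirm that the skipped path no longer reaches `free` with an indeterminate pointer.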