[poppler] A few vulnerabilities in libpoppler

Albert Astals Cid aacid at kde.org
Sun Nov 21 15:21:34 PST 2010


On Thursday, 21 October 2010, Robert Święcki wrote:
> Hi,
> 
> I was recently fuzzing libpoppler and found lots of crashes in it.
> Some of them are of lesser importance, some look more serious. The
> archive is here:
> 
> http://alt.swiecki.net/j/poppler_2010.10.20.tgz
> 
> I tested it with Ubuntu's pdftoppm from poppler-utils_0.12.4-0ubuntu5
> package on a 64bit system.
> 

The master branch should have all of these files fixed that were poppler's 
fault; there are still some jpeg2k crashes in openjpeg.

There is one file that doesn't crash per se but exhausts the computer's memory 
(and then crashes :D)

Hib, it is doing mad allocations in your new code in Hints.cc, could you have a 
look at it? It is 
SIGSEGV.PC.0x7ffff7af2936.CODE.1.ADDR.(nil).INSTR.mov_rax,_[rdi].pdf

Albert

