[Poppler-bugs] [Bug 28806] New: poppler: missing readGenericBitmap return value check leads to NULL deref in JBIG2Bitmap::getSlice
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Jun 29 00:05:03 PDT 2010
https://bugs.freedesktop.org/show_bug.cgi?id=28806
Summary: poppler: missing readGenericBitmap return value check
leads to NULL deref in JBIG2Bitmap::getSlice
Product: poppler
Version: unspecified
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: medium
Component: general
AssignedTo: poppler-bugs at lists.freedesktop.org
ReportedBy: thoger at redhat.com
This is based on:
https://bugs.launchpad.net/bugs/599454
JBIG2Stream::readPatternDictSeg calls readGenericBitmap() without checking its
return value:
http://cgit.freedesktop.org/poppler/poppler/tree/poppler/JBIG2Stream.cc?id=e9501070#n2455
readGenericBitmap() can return NULL:
http://cgit.freedesktop.org/poppler/poppler/tree/poppler/JBIG2Stream.cc?id=e9501070#n2767
This leads to call to JBIG2Bitmap::getSlice with this == NULL:
http://cgit.freedesktop.org/poppler/poppler/tree/poppler/JBIG2Stream.cc?id=e9501070#n2465
leading to NULL deref crash.
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the Poppler-bugs
mailing list