[Poppler-bugs] [Bug 28784] poppler: stream object /Length attribute parsing infinite loop and stack memory exhaustion
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Mon Nov 22 05:23:31 PST 2010
https://bugs.freedesktop.org/show_bug.cgi?id=28784
--- Comment #4 from Tomas Hoger <thoger at redhat.com> 2010-11-22 05:23:30 PST ---
(In reply to comment #3)
> Should be fixed in master
In http://cgit.freedesktop.org/poppler/poppler/commit/?id=b0555189a7 and
http://cgit.freedesktop.org/poppler/poppler/commit/?id=3628837feb , it seems.
Latest git version no longer crashes on the test files I have for this issue.
I wonder if it might make sense to put some arbitrary sane limit on the maximum
fetchOriginatorNums set size. For the /Length loop I reported, I suppose sets
with more than a few members should be uncommon.
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the Poppler-bugs
mailing list