[Poppler-bugs] [Bug 81851] New: pdftocairo segfaults on a PDF

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Mon Jul 28 13:55:24 PDT 2014 

https://bugs.freedesktop.org/show_bug.cgi?id=81851

          Priority: medium
            Bug ID: 81851
          Assignee: poppler-bugs at lists.freedesktop.org
           Summary: pdftocairo segfaults on a PDF
          Severity: normal
    Classification: Unclassified
                OS: Linux (All)
          Reporter: korobkin+lpad at gmail.com
          Hardware: Other
            Status: NEW
           Version: unspecified
         Component: cairo backend
           Product: poppler

I have several identical machines with Ubuntu 12.04 x64 and only one
difference: some have CUPS 1.6.4 installed, others have CUPS 1.7.4.

cairo 1.12.16, poppler 0.26.1, and cups-filters 1.0.55 binaries where built
within pbuilder environment with CUPS 1.6.4.

pdftocairo -ps -level3 -r 300 /tmp/in.pdf /tmp/out.ps 
segfaults on machines with CUPS 1.6.4, but works normally where CUPS 1.7.4 is
installed. 
Does it depend on libcups2 to do its work?

Here is gdb output:

(gdb) run
Starting program: /usr/bin/pdftocairo -ps -level3 -r 300 /tmp/in.pdf
/tmp/out.ps
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/grte/v3/lib64/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff744f26a in _cairo_winansi_to_glyphname (glyph=1080538287) at
/tmp/buildd/cairo-1.12.16/src/cairo-type1-glyph-names.c:404
404    /tmp/buildd/cairo-1.12.16/src/cairo-type1-glyph-names.c: No such file or
directory.
(gdb) bt
#0  0x00007ffff744f26a in _cairo_winansi_to_glyphname (glyph=1080538287) at
/tmp/buildd/cairo-1.12.16/src/cairo-type1-glyph-names.c:404
#1  0x00007ffff744f8d0 in write_used_glyphs (font=0x7fffffffe0a0,
glyph_number=<optimized out>, name=<optimized out>, name_length=<optimized
out>, 
    charstring=0x555555917b6f
"!F\322{\004\021\227\226\bQ\022\376؏2\313!\006V\232\277H\006 ND\r/mu 134 RD
!F\322{|Q\315\070\210\031\365", <incomplete sequence \314>, 
    charstring_length=23) at
/tmp/buildd/cairo-1.12.16/src/cairo-type1-subset.c:1147
#2  0x00007ffff744f45e in cairo_type1_font_subset_for_each_glyph
(font=0x7fffffffe0a0, dict_start=<optimized out>, dict_end=0x55555591987c "", 
    func=0x7ffff744f780 <write_used_glyphs>, dict_out=0x7fffffffe388) at
/tmp/buildd/cairo-1.12.16/src/cairo-type1-subset.c:1237
#3  0x00007ffff745157f in cairo_type1_font_subset_write_private_dict
(name=<optimized out>, font=0x7fffffffe0a0) at
/tmp/buildd/cairo-1.12.16/src/cairo-type1-subset.c:1489
#4  cairo_type1_font_subset_write (name=<optimized out>, font=0x7fffffffe0a0)
at /tmp/buildd/cairo-1.12.16/src/cairo-type1-subset.c:1596
#5  cairo_type1_font_subset_generate (name=<optimized out>,
abstract_font=0x7fffffffe0a0) at
/tmp/buildd/cairo-1.12.16/src/cairo-type1-subset.c:1668
#6  _cairo_type1_subset_init (type1_subset=0x7fffffffe440, name=<optimized
out>, scaled_font_subset=0x7fffffffe5a0, hex_encode=<optimized out>)
    at /tmp/buildd/cairo-1.12.16/src/cairo-type1-subset.c:1733
#7  0x00007ffff7480879 in _cairo_ps_surface_emit_type1_font_subset
(font_subset=0x7fffffffe5a0, surface=<optimized out>) at
/tmp/buildd/cairo-1.12.16/src/cairo-ps-surface.c:405
#8  _cairo_ps_surface_emit_unscaled_font_subset (font_subset=0x7fffffffe5a0,
closure=0x5555557bc0b0) at /tmp/buildd/cairo-1.12.16/src/cairo-ps-surface.c:766
#9  0x00007ffff7449ebb in _cairo_sub_font_collect (closure=0x7fffffffe550,
entry=0x5555557d1a10) at
/tmp/buildd/cairo-1.12.16/src/cairo-scaled-font-subsets.c:746
#10 _cairo_scaled_font_subsets_foreach_internal (font_subsets=<optimized out>,
font_subset_callback=<optimized out>, closure=<optimized out>, type=<optimized
out>)
    at /tmp/buildd/cairo-1.12.16/src/cairo-scaled-font-subsets.c:1067
#11 0x00007ffff7481023 in _cairo_ps_surface_emit_font_subsets
(surface=0x5555557bc0b0) at
/tmp/buildd/cairo-1.12.16/src/cairo-ps-surface.c:817
#12 _cairo_ps_surface_finish (abstract_surface=0x5555557bc0b0) at
/tmp/buildd/cairo-1.12.16/src/cairo-ps-surface.c:1610
#13 0x00007ffff742e796 in _cairo_surface_finish (surface=0x5555557bc0b0) at
/tmp/buildd/cairo-1.12.16/src/cairo-surface.c:1007
#14 0x00007ffff742f3db in *INT_cairo_surface_finish (surface=0x5555557bc0b0) at
/tmp/buildd/cairo-1.12.16/src/cairo-surface.c:1054
#15 *INT_cairo_surface_finish (surface=0x5555557bc0b0) at
/tmp/buildd/cairo-1.12.16/src/cairo-surface.c:1038
#16 0x00007ffff7406734 in _cairo_paginated_surface_finish
(abstract_surface=0x5555557bdc90) at
/tmp/buildd/cairo-1.12.16/src/cairo-paginated-surface.c:213
#17 0x00007ffff742e796 in _cairo_surface_finish (surface=0x5555557bdc90) at
/tmp/buildd/cairo-1.12.16/src/cairo-surface.c:1007
#18 0x00007ffff742f3db in *INT_cairo_surface_finish (surface=0x5555557bdc90) at
/tmp/buildd/cairo-1.12.16/src/cairo-surface.c:1054
#19 *INT_cairo_surface_finish (surface=0x5555557bdc90) at
/tmp/buildd/cairo-1.12.16/src/cairo-surface.c:1038
#20 0x000055555555ff91 in endDocument () at pdftocairo.cc:629
#21 main (argc=3, argv=<optimized out>) at pdftocairo.cc:1059
(gdb)


PDF has private information, I cannot share it, sorry.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/poppler-bugs/attachments/20140728/f0f0c1d4/attachment.html>

More information about the Poppler-bugs mailing list