[Poppler-bugs] [Bug 91344] New: Crash: Internal Error (0): Call to Object where the object was type 7, not the expected type 9

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Tue Jul 14 21:34:55 PDT 2015 

https://bugs.freedesktop.org/show_bug.cgi?id=91344

            Bug ID: 91344
           Summary: Crash: Internal Error (0): Call to Object where the
                    object was type 7, not the expected type 9
           Product: poppler
           Version: unspecified
          Hardware: Other
                OS: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: pdftohtml
          Assignee: poppler-bugs at lists.freedesktop.org
          Reporter: legarrec.vincent at gmail.com

Created attachment 117131
  --> https://bugs.freedesktop.org/attachment.cgi?id=117131&action=edit
crash.pdf

Dear,

I was playing with AFL (American Fuzzy Lop) and after some time, it found a
testcase where pdftohtml crashes.

Syntax Error: End of file inside dictionary
Syntax Error: End of file inside dictionary
Syntax Error: Pages top-level is a single Page. The document is mal-formet,
trying to recover...
Internal Error (0): Call to Object where the object was type 7, not the
expected type 9
Abandon (core dumped)
Program received signal SIGABRT, Aborted.
#0  0x00007ffff6efad9b in __GI_raise (sig=sig at entry=6)
    at ../sysdeps/unix/sysv/linux/raise.c:55
#1  0x00007ffff6efc261 in __GI_abort () at abort.c:89
#2  0x00007ffff76f3fce in getRef (this=<optimized out>, this=<optimized out>)
    at /home/legarrec/info/programmation/tmp/afl/poppler/poppler/Object.h:211
#3  Catalog::getNumPages (this=0x6714f0)
    at /home/legarrec/info/programmation/tmp/afl/poppler/poppler/Catalog.cc:831
#4  0x00007ffff78f6296 in PDFDoc::getNumPages (this=this at entry=0x670e10)
    at /home/legarrec/info/programmation/tmp/afl/poppler/poppler/PDFDoc.cc:1878
#5  0x000000000040a680 in main (argc=2, argv=<optimized out>)
    at /home/legarrec/info/programmation/tmp/afl/poppler/utils/pdftohtml.cc:329

I worked with poppler from git.

I also find a testcase where a 863 bytes file run into infinity loop. Should I
also send another bug report ?
Regards,

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/poppler-bugs/attachments/20150715/bab805ab/attachment.html>

More information about the Poppler-bugs mailing list