[poppler] A few vulnerabilitiess in libpoppler
Robert Święcki
robert at swiecki.net
Tue Nov 23 04:27:06 PST 2010
>> I guess I can setup another round of fuzzing.
>
> Sure, just make sure you are using uptodate poppler and openjpeg.
Here it is
http://alt.swiecki.net/j/poppler_2010.11.23.tbz
I'm using git://git.freedesktop.org/git/poppler/poppler and my
pdftoppm doesn't depend on any non-standard libraries (is openjpeg
embedded in poppler git repository?), so I guess I'm fuzzing the
newest version
$ ldd utils/pdftoppm
linux-vdso.so.1 => (0x00007fff97dff000)
libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x00007f5bfb48e000)
libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00007f5bfb17a000)
libm.so.6 => /lib/libm.so.6 (0x00007f5bfaef6000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x00007f5bfacdf000)
libc.so.6 => /lib/libc.so.6 (0x00007f5bfa95c000)
libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x00007f5bfa6d5000)
libz.so.1 => /lib/libz.so.1 (0x00007f5bfa4be000)
libexpat.so.1 => /lib/libexpat.so.1 (0x00007f5bfa295000)
/lib64/ld-linux-x86-64.so.2 (0x00007f5bfb6e2000)
--
Robert Święcki
More information about the poppler
mailing list