[poppler] A few vulnerabilitiess in libpoppler
mpsuzuki at hiroshima-u.ac.jp
mpsuzuki at hiroshima-u.ac.jp
Fri Oct 22 03:28:22 PDT 2010
On Fri, 22 Oct 2010 11:38:48 +0200
<robert at swiecki.net> wrote:
>On Fri, Oct 22, 2010 at 3:25 AM, <mpsuzuki at hiroshima-u.ac.jp> wrote:
>:
>>>I uploaded all log files (stdout, stderr, valgrind log) with
>>>tested binary at:
>>>
>>>http://home.hiroshima-u.ac.jp/~mpsuzuki/test-def_mps20101022a.tar.rz
>>
>> I'm sorry, the valgrind log files include so many
>> warnings caused by glibc-incompatible valgrind
>> (valgrind was too old than glibc). Now I updated
>> valgrind and retry testing.
>
>Maybe it'll be easier if I simply compile the newest libpoppler, and
>send you the results. It should make your testing much quicker I
>presume. I'll do it today.
Thank you! Now my test with newer valgrind has just finished,
again, 16 PDFs caused SIGSEGV. Now I'm checking the debug
binary (built with "-g3 -ggdb -O0 -fkeep-inline-functions"),
53/64 are being finished (12 SEGV is found). I'm interested
in how many PDFs will cause SEGV on your environment.
I'm sorry for my very slow amd64 machine.
Regards,
mpsuzuki
More information about the poppler
mailing list