[poppler] [PATCH] Fix crash on invalid image

Albert Astals Cid aacid at kde.org
Sun Mar 4 11:33:39 PST 2012 

El Dissabte, 3 de març de 2012, a les 20:28:19, Even Rouault va escriure:
> Hi,
> 
> The attached patch fixes a SIGFPE when rendering the attached image
> (generated by a fuzzer)

Commited, thanks.

Albert

> 
> $ valgrind ~/poppler-git/install/bin/pdftoppm gdal-131/session-665/byte.pdf
> out
> ==31362== Memcheck, a memory error detector
> ==31362== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
> ==31362== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
> ==31362== Command: /home/even/poppler-git/install/bin/pdftoppm
> gdal-131/session-665/byte.pdf out
> ==31362==
> Syntax Error (1148): Unknown filter 'FnateDecode'
> ==31362==
> ==31362== Process terminating with default action of signal 8 (SIGFPE)
> ==31362==  Integer divide by zero at address 0x40325AF63
> ==31362==    at 0x4FE5201: ImageStream::ImageStream(Stream*, int, int, int)
> (Stream.cc:420)
> ==31362==    by 0x4F0F5E5: SplashOutputDev::drawImage(GfxState*, Object*,
> Stream*, int, int, GfxImageColorMap*, bool, int*, bool)
> (SplashOutputDev.cc:2999)
> ==31362==    by 0x4F7E591: Gfx::doImage(Object*, Stream*, bool)
> (Gfx.cc:4585) ==31362==    by 0x4F7CA3A: Gfx::opXObject(Object*, int)
> (Gfx.cc:4145) ==31362==    by 0x4F6BAE0: Gfx::execOp(Object*, Object*, int)
> (Gfx.cc:855) ==31362==    by 0x4F6B3E8: Gfx::go(bool) (Gfx.cc:714)
> ==31362==    by 0x4F6B201: Gfx::display(Object*, bool) (Gfx.cc:680)
> ==31362==    by 0x4FD6B71: Page::displaySlice(OutputDev*, double, double,
> int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool
> (*)(Annot*, void*), void*) (Page.cc:485)
> ==31362==    by 0x4FDAACC: PDFDoc::displayPageSlice(OutputDev*, int, double,
> double, int, bool, bool, bool, int, int, int, int, bool (*)(void*), void*,
> bool (*)(Annot*, void*), void*) (PDFDoc.cc:500)
> ==31362==    by 0x40172E: savePageSlice(PDFDoc*, SplashOutputDev*, int, int,
> int, int, int, double, double, char*) (pdftoppm.cc:196)
> ==31362==    by 0x401F73: main (pdftoppm.cc:415)
> 
> Best regards,

More information about the poppler mailing list