[poppler] Heap corruption caused by wrong JPXStream import

Peter Waller peter at scraperwiki.com
Sat Jul 4 08:32:12 PDT 2015


Yep, the line I referenced is not where the crash occurred, but the point of no return where heap corruption was sure to happen thereafter. Once the heap is corrupted the crash that brings the process down can happen in all sorts of places.

On 4 July 2015 16:23:36 BST, Adam Reichold <adam.reichold at t-online.de> wrote:
>Hello,
>
>> I'm afraid digging out documents that cause it is not a simple
>> proposition for me right now. But from my understanding of the code
>> - from the build I had - if one hits that `new JPXStream`, then it was
>> guaranteed to crash. Are you certain in your testing that this line**
>> is being hit (e.g., with "printf")? The build I had definitely could
>> not have executed that line correctly. Maybe I had an incorrect
>> build due to a strange environment, though I thought I had hit the
>> problem with the standard build shipped with Ubuntu.
>> 
>> ** https://cgit.freedesktop.org/poppler/poppler/tree/poppler/Stream.cc?id=poppler-0.33.0#n355
>
>Even though I always crash at [1] instead of the above, I could now
>reproduce this issue and can confirm that Peter's patch fixes this for
>me. An example of a document that triggers the issue for me is [2]. I
>also run Linux and use the CMake build system. Only openjpeg 1.5.2 is
>installed on my system.
>
>[1]
>http://cgit.freedesktop.org/poppler/poppler/tree/poppler/JPXStream.cc?id=poppler-0.33.0#n489
>
>[2] http://restfulwebapis.org/RESTful_Web_Services.pdf
>
>Best regards, Adam.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.