[poppler] Stack buffer overflow on test utf conversion

Adrian Johnson ajohnson at redneon.com
Sat Dec 2 04:01:55 UTC 2017


On 02/12/17 10:14, Albert Astals Cid wrote:
> Adrian, can you have a look at https://paste.kde.org/pe6yweh7u ?
> 
> It seems we have somehow a bug in that code? Is it something you introduced or 
> was it buggy already but just not exercised and now your test reveals the 
> problem?

The buffer in the test is not large enough. The attached patch increases
the buffer size and adds an assert to check the buffer size.

I did test it with valgrind when I wrote the test but interestingly it
doesn't pick up the problem. The second attached patch updates the
INSTALL file to document the use of the address sanitizer.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-UTF-test-fail.patch
Type: text/x-patch
Size: 1792 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/poppler/attachments/20171202/cfb32741/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-INSTALL-add-debug-options.patch
Type: text/x-patch
Size: 2113 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/poppler/attachments/20171202/cfb32741/attachment-0001.bin>
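The kind of size check the message above describes, as an added example that is not the attached patch and not poppler's own code: a UTF-8 to UTF-16 conversion into a fixed stack buffer that counts the required code units first and refuses to write past the capacity it is given. The function names and the 8-unit buffer are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helper: UTF-16 units needed for a UTF-8 string, terminator excluded. */
static size_t utf16_units_needed(const char *s)
{
    size_t n = 0;
    for (const unsigned char *p = (const unsigned char *)s; *p; p++)
        if ((*p & 0xC0) != 0x80) n += (*p >= 0xF0) ? 2 : 1;  /* skip continuation bytes */
    return n;
}

/* Hypothetical bounded converter: writes at most cap units, terminator included.
 * Returns units written, or -1 on malformed input or lack of space. */
static long utf8_to_utf16_bounded(const char *s, uint16_t *out, size_t cap)
{
    const unsigned char *p = (const unsigned char *)s;
    size_t n = 0;
    if (cap == 0) return -1;
    while (*p) {
        uint32_t cp; int extra;
        if (*p < 0x80)                { cp = *p;        extra = 0; }
        else if ((*p & 0xE0) == 0xC0) { cp = *p & 0x1F; extra = 1; }
        else if ((*p & 0xF0) == 0xE0) { cp = *p & 0x0F; extra = 2; }
        else if ((*p & 0xF8) == 0xF0) { cp = *p & 0x07; extra = 3; }
        else return -1;                        /* stray continuation or bad lead byte */
        for (p++; extra > 0; extra--) {
            if ((*p & 0xC0) != 0x80) return -1;    /* truncated sequence, also stops at NUL */
            cp = (cp << 6) | (*p++ & 0x3F);
        }
        size_t need = cp >= 0x10000 ? 2 : 1;   /* surrogate pair above the BMP */
        if (n + need + 1 > cap) return -1;     /* keep one unit for the terminator */
        if (need == 2) {
            out[n++] = (uint16_t)(0xD800 | ((cp - 0x10000) >> 10));
            out[n++] = (uint16_t)(0xDC00 | (cp & 0x3FF));
        } else out[n++] = (uint16_t)cp;
    }
    out[n] = 0;
    return (long)n;
}

/* Stand-in for a test case with a fixed stack buffer (the size is constructed). */
static long convert_on_stack(const char *s)
{
    uint16_t buf[8];
    size_t cap = sizeof buf / sizeof buf[0];
    if (utf16_units_needed(s) + 1 > cap) return -1;   /* a test would assert() here */
    return utf8_to_utf16_bounded(s, buf, cap);
}
```

Building a test like this with GCC or Clang and `-fsanitize=address -g` makes an unchecked write past `buf` abort with a stack-buffer-overflow report.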

