poppler 0.8.5 (Debian package 0.8.5-1). I found a crash due to NULL-pointer dereference in poppler/Annot.cc. This happens when loading a particular PDF file, seemingly when the first page is being rendered (in Evince) or when running `pdftohtml` as shown below. Unfortunately I don't have permission to attach the file that causes the crash. It loads and displays OK in KPDF 3.5.9. > 1730 void AnnotWidget::initialize(XRef *xrefA, Catalog *catalog, Dict *dict) { > 1731 Object obj1; > 1732 > 1733 form = catalog->getForm (); > 1734 widget = form->findWidgetByRef (ref); > (gdb) print catalog->getForm() > $3 = (Form *) 0x0 Here is a full backtrace. > Starting program: /usr/bin/pdftohtml /tmp/q.pdf > [Thread debugging using libthread_db enabled] > [New Thread 0x7f36a94486f0 (LWP 20478)] > > Program received signal SIGSEGV, Segmentation fault. > [Switching to Thread 0x7f36a94486f0 (LWP 20478)] > 0x00007f36a8ebeb0a in Form::findWidgetByRef (this=0x0, aref= > {num = 493, gen = 0}) at Form.cc:1231 > 1231 for(int i=0; i<numFields; i++) { > (gdb) bt full > #0 0x00007f36a8ebeb0a in Form::findWidgetByRef (this=0x0, aref= > {num = 493, gen = 0}) at Form.cc:1231 > i = 0 > #1 0x00007f36a8eabb1f in AnnotWidget::initialize (this=0xfc9350, > xrefA=0xf910f0, catalog=0xf91a70, dict=0xfbf940) at Annot.cc:1734 > obj1 = {type = objNone, {booln = 0, intg = 0, real = 0, string = 0x0, > name = 0x0, array = 0x0, dict = 0x0, stream = 0x0, ref = {num = 0, > gen = 0}, cmd = 0x0}} > #2 0x00007f36a8ead02d in AnnotWidget (this=0xfc9350, xrefA=0xf910f0, > dict=0xfbf940, catalog=0xf91a70, obj=0x7fffb146af10) at Annot.cc:1713 > No locals. > #3 0x00007f36a8eb034d in Annots::createAnnot (this=0xf92b10, xref=0xf910f0, > dict=0xfbf940, catalog=0xf91a70, obj=0x7fffb146af10) at Annot.cc:3393 > typeName = (GooString *) 0xf913f0 > annot = (Annot *) 0x7fffb146af10 > obj1 = {type = objName, {booln = 16346208, intg = 16346208, > real = 8.076099812575351e-317, string = 0xf96c60, > name = 0xf96c60 "Widget", array = 0xf96c60, dict = 0xf96c60, > stream = 0xf96c60, ref = {num = 16346208, gen = 0}, > cmd = 0xf96c60 "Widget"}} > #4 0x00007f36a8eb07e0 in Annots (this=0xf92b10, xref=0xf910f0, > catalog=0xf91a70, annotsObj=0x7fffb146b010) at Annot.cc:3332 > No locals. > #5 0x00007f36a8f34542 in Page::displaySlice (this=0xf92c50, out=0xfb58b0, > hDPI=72, vDPI=72, rotate=0, useMediaBox=1, crop=0, sliceX=-1, sliceY=-1, > sliceW=-1, sliceH=-1, printing=0, catalog=0xf91a70, abortCheckCbk=0, > abortCheckCbkData=0x0, annotDisplayDecideCbk=0, > annotDisplayDecideCbkData=0x0) at Page.cc:421 > gfx = (Gfx *) 0xf917e0 > obj = {type = objArray, {booln = 16472192, intg = 16472192, > real = 8.1383441789010146e-317, string = 0xfb5880, > name = 0xfb5880 "�\020�", array = 0xfb5880, dict = 0xfb5880, > stream = 0xfb5880, ref = {num = 16472192, gen = 0}, > cmd = 0xfb5880 "�\020 > annotList = (Annots *) 0xfb58b0 > i = 0 > #6 0x00007f36a8f34768 in Page::display (this=0xf92c50, out=0xfb58b0, hDPI=72, > vDPI=72, rotate=0, useMediaBox=1, crop=0, printing=0, catalog=0xf91a70, > abortCheckCbk=0, abortCheckCbkData=0x0, annotDisplayDecideCbk=0, > annotDisplayDecideCbkData=0x0) at Page.cc:344 > No locals. > #7 0x00007f36a8f39932 in PDFDoc::displayPage (this=0xf90cf0, out=0xfb58b0, > page=1, hDPI=72, vDPI=72, rotate=0, useMediaBox=1, crop=0, printing=0, > abortCheckCbk=0, abortCheckCbkData=0x0, annotDisplayDecideCbk=0, > annotDisplayDecideCbkData=0x0) at PDFDoc.cc:373 > No locals. > #8 0x00007f36a8f399cf in PDFDoc::displayPages (this=0xf90cf0, out=0xfb58b0, > firstPage=1, lastPage=28, hDPI=72, vDPI=72, rotate=0, useMediaBox=1, > crop=0, printing=0, abortCheckCbk=0, abortCheckCbkData=0x0, > annotDisplayDecideCbk=0, annotDisplayDecideCbkData=0x0) at PDFDoc.cc:388 > page = 1 > #9 0x0000000000406058 in main (argc=2, argv=0x7fffb146b5f8) > at pdftohtml.cc:304 > doc = (PDFDoc *) 0xf90cf0 > fileName = (GooString *) 0xf90c90 > docTitle = (GooString *) 0xfb5880 > author = (GooString *) 0x0 > keywords = (GooString *) 0x0 > subject = (GooString *) 0x0 > date = (GooString *) 0xfb5210 > htmlFileName = (GooString *) 0xf919b0 > psFileName = (GooString *) 0x0 > htmlOut = (class HtmlOutputDev *) 0xfb58b0 > psOut = (class PSOutputDev *) 0x0 > ok = 1 > p = 0xf90c96 ".pdf" > extension = "png", '\0' <repeats 12 times> > ownerPW = (GooString *) 0x0 > userPW = (GooString *) 0x0 > info = {type = objNone, {booln = 16472192, intg = 16472192, > real = 8.1383441789010146e-317, string = 0xfb5880, > name = 0xfb5880 "�\020�", array = 0xfb5880, dict = 0xfb5880, > stream = 0xfb5880, ref = {num = 16472192, gen = 0}, > cmd = 0xfb5880 "�\020 > extsList = {0x4129f3 "png", 0x4129f7 "jpeg", 0x4129fc "bmp", > 0x412a00 "pcx", 0x412a04 "tiff", 0x412a09 "pbm", 0x0}
Should be fixed when poppler 0.9.0 is released, but as you can't share the document, you either try from poppler svn master branch or trust me. Of course if when poppler 0.9.0 is out you still have problems reopen the bug.
I built from git master (`git describe`d as poppler-0.8.0-160-g303249e) and the file loads perfectly. Thank you. Fixed in commit a567c921ce538616f4ba0b7933086ef5a8ab0f55, for anyone who wants to backport it.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.