94873 – [PATCH] Segfault on certain PDF form item activation actions

Bug 94873 - [PATCH] Segfault on certain PDF form item activation actions

Summary: [PATCH] Segfault on certain PDF form item activation actions

Status:	RESOLVED FIXED

Alias:	None

Product:	poppler
Classification:	Unclassified
Component:	qt4 frontend (show other bugs)
Version:	unspecified
Hardware:	Other All

Importance:	medium normal
Assignee:	poppler-bugs
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2016-04-08 18:45 UTC by Arseniy Lartsev
Modified:	2016-04-28 21:59 UTC (History)
CC List:	0 users

See Also:
i915 platform:
i915 features:

Attachments
The patch (682 bytes, text/plain) 2016-04-08 18:45 UTC, Arseniy Lartsev	Details
View All

Description Arseniy Lartsev 2016-04-08 18:45:40 UTC

Created attachment 122824 [details]
The patch

PageData::convertLinkActionToLink in qt4/src/poppler-page.cc, for actionRendition link kind, calls copy() on LinkRendition::getMedia(). However, LinkRendition constructor from Poppler core has several ways to leave the media field at NULL. The situation I came across was operationCode = 5, but it looks like the same would happen for 1 ≤ operationCode ≤ 3 and missing R field, which isn't even considered an malformed PDF.

Anyway, I'm attaching a patch that fixes the segfault when LinkRendition::getMedia() returns NULL for whatever reason. I'm not attaching the test case because it's 150 MB large and copyrighted but I guess I can send it privately to someone if really needed.

Comment 1 Albert Astals Cid 2016-04-28 21:59:47 UTC

Pushed, thanks.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.