Summary: | Crash when scrolling through a pdf | ||
---|---|---|---|
Product: | poppler | Reporter: | Pascal Wittmann <PascalWittmann> |
Component: | general | Assignee: | poppler-bugs <poppler-bugs> |
Status: | RESOLVED FIXED | QA Contact: | |
Severity: | normal | ||
Priority: | medium | ||
Version: | unspecified | ||
Hardware: | x86 (IA32) | ||
OS: | Linux (All) | ||
Whiteboard: | |||
i915 platform: | i915 features: | ||
Attachments: |
The pdf that throws the error
Error message form evince and epdfview Error Message form zathura |
Created attachment 43452 [details]
Error message form evince and epdfview
Created attachment 43453 [details]
Error Message form zathura
I forgot to mention that viewing this pdf with a pdfviewer not based on poppler (e.g. mupdf) the pdf is correctly shown. Cairo backend specific. Works with the splash backend. Problem is actually on page 6. (In reply to comment #4) > Cairo backend specific. Works with the splash backend. Problem is actually on > page 6. The problem is not actually in the cairo backend, but in GfxICCBasedColorSpace::getRGBLine(). It doesn't crash with splash because it doesn't use getRGBline(). The problem is when using libcms, there's a line transform and getRGBLine() is called when nComps = 0. First, it allocates memory depending on nComps: Guchar* tmp = (Guchar *)gmallocn(nComps * length, sizeof(Guchar)); but it writes to the out buffer assuming nComps = 3: for (int i = 0; i < length; ++i) { Guchar *current = tmp + (i * 3); out[i] = (current[0] << 16) | (current[1] << 8) | current[2]; } Allocating enough memory fixes the crash, but I'm not sure it's the right fix though: - Guchar* tmp = (Guchar *)gmallocn(nComps * length, sizeof(Guchar)); + Guchar* tmp = (Guchar *)gmallocn(3 * length, sizeof(Guchar)); Right Splash uses getRBGLine but never when nComps is 1 so we were not hitting that crash. As far as i know your patch is correct since the transform we use is always for rgb, but if you want to make sure i can run a regtest to see if anything breaks. (In reply to comment #6) > Right Splash uses getRBGLine but never when nComps is 1 so we were not hitting > that crash. I'll try to implement that optimization in cairo too, we already have it for some drawImage() methods indeed. > As far as i know your patch is correct since the transform we use > is always for rgb, but if you want to make sure i can run a regtest to see if > anything breaks. Ok, thanks Will be fixed in poppler 0.16.3 |
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.
Created attachment 43451 [details] The pdf that throws the error First I'm using poppler-version 0.16.2 on Archlinux. When I'm scrolling in the attached pdf to slide 4 every pdfreader using poppler crashes. Using evince and epdfview I get the error message attached in file error1.txt and using zathura I get the the message in file error2.txt.