Bug 85243

Summary: [pdftops] Segfault in FoFiTrueType.cc:1248
Product: poppler
Reporter: MH <ravdune+bugzilla>
Component: utils
Assignee: poppler-bugs <poppler-bugs>
Status: RESOLVED FIXED
QA Contact:
Severity: normal
Priority: medium
CC: fdo-bugs
Version: unspecified
Hardware: All
OS: All
Whiteboard:
Attachments: segfault-FoFiTrueType.cc:1248.pdf, 42-unfuzzed.pdf

Description MH 2014-10-20 14:43:08 UTC
Created attachment 108119
segfault-FoFiTrueType.cc:1248.pdf

OS: Fedora 20 (running in virtualbox)
Dependencies installed with: yum-builddep poppler
Version: GIT Master
Command line: master/utils/pdftops <attached.pdf> /dev/null

###############################################################################

GDB output:

Starting program: /home/foobar/poppler/utils/.libs/lt-pdftops segfault-fofitruetype.cc-1248-42-pdftopsfuzz-20.pdf /dev/null

Program received signal SIGSEGV, Segmentation fault.
FoFiTrueType::dumpString (this=<optimized out>, s=0x7fffffffd820 "", length=14394, outputFunc=0x7ffff7ac7f30 <outputToFile(void*, char const*, int)>,
    outputStream=0x642240) at FoFiTrueType.cc:1248
1248          buf = GooString::format("{0:02x}", s[i+j] & 0xff);

Comment 1 MH 2014-10-21 13:45:28 UTC
Created attachment 108181
42-unfuzzed.pdf

Attached unfuzzed file as per request.

Comment 2 Albert Astals Cid 2015-02-07 21:22:15 UTC
Fix pushed
