Summary: |
Crash: Internal Error (0): Call to Object where the object was type 7, not the expected type 9 |
Product: |
poppler
|
Reporter: |
LE GARREC Vincent <freedesktop> |
Component: |
pdftohtml | Assignee: |
poppler-bugs <poppler-bugs> |
Status: |
RESOLVED
FIXED
|
QA Contact: |
|
Severity: |
normal
|
|
|
Priority: |
medium
|
|
|
Version: |
unspecified | |
|
Hardware: |
Other | |
|
OS: |
All | |
|
Whiteboard: |
|
i915 platform:
|
|
i915 features:
|
|
Attachments: |
crash.pdf
|
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.
Created attachment 117131 [details] crash.pdf Dear, I was playing with AFL (American Fuzzy Lop) and after some time, it found a testcase where pdftohtml crashes. Syntax Error: End of file inside dictionary Syntax Error: End of file inside dictionary Syntax Error: Pages top-level is a single Page. The document is mal-formet, trying to recover... Internal Error (0): Call to Object where the object was type 7, not the expected type 9 Abandon (core dumped) Program received signal SIGABRT, Aborted. #0 0x00007ffff6efad9b in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:55 #1 0x00007ffff6efc261 in __GI_abort () at abort.c:89 #2 0x00007ffff76f3fce in getRef (this=<optimized out>, this=<optimized out>) at /home/legarrec/info/programmation/tmp/afl/poppler/poppler/Object.h:211 #3 Catalog::getNumPages (this=0x6714f0) at /home/legarrec/info/programmation/tmp/afl/poppler/poppler/Catalog.cc:831 #4 0x00007ffff78f6296 in PDFDoc::getNumPages (this=this@entry=0x670e10) at /home/legarrec/info/programmation/tmp/afl/poppler/poppler/PDFDoc.cc:1878 #5 0x000000000040a680 in main (argc=2, argv=<optimized out>) at /home/legarrec/info/programmation/tmp/afl/poppler/utils/pdftohtml.cc:329 I worked with poppler from git. I also find a testcase where a 863 bytes file run into infinity loop. Should I also send another bug report ? Regards,