Created attachment 131286 [details] testcase.pdf Attached testcase lead to an invalid memory read in Page::getCropBox() - Page.h:155. Steps to reproduce: 1) CC=clang CXX=clang++ CFLAGS="-O0 -g -ggdb" CXXFLAGS="-O0 -g -ggdb" LDFLAGS="-lpthread" ./configure --disable-poppler-qt4 --disable-poppler-qt5 --enable-xpdf-headers --enable-static --disable-shared ; make 2) cd cpp ; CC=clang CXX=clang++ CFLAGS="-O0 -g -ggdb" CXXFLAGS="-O0 -g -ggdb" make 3) ./cpp/tests/poppler-dump --show-pages testcase.pdf GDB info: Program received signal SIGSEGV, Segmentation fault. Page::getCropBox (this=0x0) at ../poppler/Page.h:155 155 PDFRectangle *getCropBox() { return attrs->getCropBox(); } (gdb) bt #0 Page::getCropBox (this=0x0) at ../poppler/Page.h:155 #1 0x0000000000418c01 in poppler::page::page_rect (this=0x83a5d0, box=poppler::crop_box) at poppler-page.cpp:132 #2 0x00000000004089a4 in print_page (p=0x83a5d0) at poppler-dump.cpp:303 #3 0x00000000004071f8 in main (argc=2, argv=0x7fffffffe428) at poppler-dump.cpp:380 (gdb) disas $rip Dump of assembler code for function Page::getCropBox(): 0x0000000000419660 <+0>: push rbp 0x0000000000419661 <+1>: mov rbp,rsp 0x0000000000419664 <+4>: sub rsp,0x10 0x0000000000419668 <+8>: mov QWORD PTR [rbp-0x8],rdi 0x000000000041966c <+12>: mov rdi,QWORD PTR [rbp-0x8] => 0x0000000000419670 <+16>: mov rdi,QWORD PTR [rdi+0x30] 0x0000000000419674 <+20>: call 0x419a90 <PageAttrs::getCropBox()> (gdb) print $rdi $1 = 0 Poppler version: poppler-0.54.0 Test platform: Linux 4.3.0-1-amd64 #1 SMP Debian 4.3.3-7 (2016-01-19) x86_64 GNU/Linux
Fixed, thanks for the report.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.