Bug 85395 - [pdftohtml] Segfault in GfxState.cc:5878
Status: RESOLVED FIXED
Product: poppler
Classification: Unclassified
Component: utils
Version: unspecified
Hardware: All All
Importance: medium normal
Assignee: poppler-bugs
Reported: 2014-10-24 06:54 UTC by MH
Modified: 2016-09-04 13:36 UTC

Attachments
segfault-GfxState.cc:5878.pdf (2.98 KB, application/pdf)
2014-10-24 06:54 UTC, MH
67-unfuzzed.pdf (2.98 KB, application/pdf)
2014-10-24 06:56 UTC, MH

Description MH 2014-10-24 06:54:40 UTC
Created attachment 108336
segfault-GfxState.cc:5878.pdf

OS: Fedora 20 (running in virtualbox)
Dependencies installed with: yum-builddep poppler
Version: GIT Master
Command line for loop demonstration: 

mkdir out
master/utils/pdftohtml <attached.pdf> out/out

#############################################################################
GDB output:

Reading symbols from /home/foobar/poppler/utils/.libs/lt-pdftohtml...done.
Starting program: /home/foobar/poppler/utils/.libs/lt-pdftohtml segfault-gfxstate.cc-5878-67-pdftohtmlfuzz-11.pdf out/out
Bogus memory allocation size

Program received signal SIGSEGV, Segmentation fault.
GfxImageColorMap::getRGB (this=this@entry=0x6563f0, x=x@entry=0x0, rgb=rgb@entry=0x7fffffffd610) at GfxState.cc:5878
5878          color.c[i] = lookup2[i][x[i]];

Comment 1 MH 2014-10-24 06:56:19 UTC
Created attachment 108337
67-unfuzzed.pdf

Attached unfuzzed file as per request.

Comment 2 Albert Astals Cid 2016-09-04 13:36:10 UTC
This seems to have been fixed a while back, at least can't reproduce anymore with the git version.

