Created attachment 125157
crashing testcase

Found with american fuzzy lop. See attached for crashing testcase.

> valgrind pdfinfo file.min
...snip...
==28152== Invalid read of size 8
==28152==    at 0x505C553: Hints::Hints(BaseStream*, Linearization*, XRef*, SecurityHandler*) (Hints.cc:46)
==28152==    by 0x50B772B: PDFDoc::checkLinearization() (PDFDoc.cc:560)
==28152==    by 0x50B6D11: PDFDoc::getPage(int) (PDFDoc.cc:2006)
==28152==    by 0x408690: JSInfo::scan(int) (JSInfo.cc:165)
==28152==    by 0x40366D: main (pdfinfo.cc:286)
==28152==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==28152==
==28152== Process terminating with default action of signal 11 (SIGSEGV)
==28152==  Access not within mapped region at address 0x0
...snip...
I have confirmed this on both the 0.45.0 stable release and the git repo
Was this resolved in poppler-0.46.0.tar.xz (Mon Jul 25, 2016)?
Is the bug marked as fixed?
This is not fixed in poppler-0.46.0.tar.xz (Mon Jul 25, 2016).

GDB (on 0.46.0):
Hints::Hints (this=0x64ca00, str=0x64bf10, linearization=0x64c0f0, xref=0x64c110, secHdlr=0x0) at Hints.cc:46
46          pageOffsetFirst = xref->getEntry(pageObjectFirst)->offset;
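The crashing line in the GDB output above dereferences the return value of xref->getEntry() without checking it for null; the object number it passes comes from the file's linearization dictionary, so a fuzzed or malicious PDF controls it. The C++ below is an added illustration written for this page, not poppler's code: XRef, XRefEntry, getEntry and the two firstPageOffset* functions are hypothetical stand-ins with assumed names and a constructed three-entry table, chosen only to show the unchecked access beside a checked one that reports the bad lookup to its caller instead of faulting.

```cpp
// Added example (not poppler's code). Models the pattern behind the
// reported crash: an object number taken from the file indexes the
// cross-reference table, and the lookup result is dereferenced unchecked.
#include <cstdint>
#include <cstddef>
#include <cstdio>
#include <utility>
#include <vector>

// Hypothetical stand-in for a cross-reference entry (name assumed).
struct XRefEntry {
    int64_t offset;   // byte offset of the object in the file
    int gen;          // generation number
};

// Hypothetical stand-in for a cross-reference table (name assumed, not poppler's XRef).
class XRef {
public:
    explicit XRef(std::vector<XRefEntry> entries) : entries_(std::move(entries)) {}

    // Returns nullptr when the object number is outside the table, which is
    // what an out-of-range object number from a corrupted file triggers.
    const XRefEntry *getEntry(int objNum) const {
        if (objNum < 0 || static_cast<size_t>(objNum) >= entries_.size())
            return nullptr;
        return &entries_[objNum];
    }

private:
    std::vector<XRefEntry> entries_;
};

// Unchecked form of the crashing line: reads through a null pointer
// (SIGSEGV at address 0x0) when getEntry() returns nullptr. Kept only to
// show the bug; never call it with an unvalidated object number.
int64_t firstPageOffsetUnchecked(const XRef &xref, int pageObjectFirst) {
    return xref.getEntry(pageObjectFirst)->offset;
}

// Checked form: validate the lookup and report failure to the caller, who
// should then treat the linearization/hint data as invalid and ignore it.
bool firstPageOffsetChecked(const XRef &xref, int pageObjectFirst, int64_t *out) {
    const XRefEntry *e = xref.getEntry(pageObjectFirst);
    if (e == nullptr)
        return false;
    *out = e->offset;
    return true;
}

// Constructed sample table with three objects (offsets are made up).
XRef sampleXRef() {
    return XRef({{15, 0}, {120, 0}, {487, 0}});
}

int main() {
    XRef xref = sampleXRef();
    int64_t off = 0;
    // In-range object number: both forms agree.
    std::printf("unchecked obj 2 -> %lld\n", (long long)firstPageOffsetUnchecked(xref, 2));
    // Out-of-range object number, as a fuzzed linearization dictionary could supply:
    // the checked form refuses instead of dereferencing nullptr.
    if (!firstPageOffsetChecked(xref, 7, &off))
        std::printf("checked obj 7 -> rejected (no xref entry)\n");
    return 0;
}
```

The checked form returns a status rather than a sentinel offset so that the caller can stop using the hint table entirely; a null entry here means the file's own claim about its first-page object cannot be trusted.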
Fixed