IanYates / pdfium

Automatically exported from code.google.com/p/pdfium

pdfium_test scaling up causing access violation #114

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Build from the commit id c32dac1f9dcd75aeabd9ea1af257499270d2f041 
(2015-02-03)
2. pdfium_test.exe --ppm --scale=18 Converter-b-test.pdf
3. The process will cause an access violation

What is the expected output? What do you see instead?

The expected output is a ppm file with size 942,264,613 bytes named 
Converter-b-test.pdf.0.ppm.

What I see is this exception:

Unhandled exception at 0x000000013FE5B1AB in pdfium_test.exe: 0xC0000005: 
Access violation reading location 0x0000000000000002.

What version of the product are you using? On what operating system?

Commit id: c32dac1f9dcd75aeabd9ea1af257499270d2f041
OS: Windows 7 64-bit

Please provide any additional information below.

The first instance of the exception is raised from pdfium_test.c:WritePpm(...):143:

        dest_line[w * 3] = src_line[(w * 4) + 2];

src_line is 0 as buffer is 0.

The actual cause is found to be in fx_dib_main.cpp:CFX_DIBitmap::Create(...):77:

    if ((1 << 30) / pitch < height) {
        return FALSE;
    }

This check forces the internal buffer of CFX_DIBitmap to be null whenever 
the width and height have reached a certain size.

I'm not sure what the intention of this if block is, but skipping it will surely 
avoid the exception.

In fact this problem was found when using another PDF but since that PDF is 
confidential, I tried to reproduce the problem on another well known PDF which 
is "Converter-b-test.pdf" in issue #84.

In general, testing with any PDF should be able to reproduce the problem given 
that the condition above is met.

Original issue reported on code.google.com by noth...@gmail.com on 4 Feb 2015 at 1:28

GoogleCodeExporter commented 9 years ago

Original comment by thestig@chromium.org on 8 May 2015 at 4:24

GoogleCodeExporter commented 9 years ago
https://pdfium.googlesource.com/pdfium/+/17ea732e8c8bba793aa57644f2325eeaaf4a1cbd
provides an error message for this case rather than the segv.

Scaling pdfium up to support these kinds of images is much harder due to the 
pervasive use of ints for sizes.

Original comment by tsepez@chromium.org on 8 May 2015 at 7:04
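The failure pattern in this thread, as an added example that is not code from PDFium or from any commenter: a bitmap constructor that refuses oversized dimensions with the same `(1 << 30) / pitch < height` test, and a BGRx-to-RGB conversion that returns an error when the buffer is missing instead of reading through a null `src_line`. The names `bitmap_t`, `bitmap_create`, `bitmap_to_rgb` and `MAX_BITMAP_BYTES` are hypothetical stand-ins.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_BITMAP_BYTES (1 << 30) /* the 1 GiB cap from the quoted check */

/* Hypothetical stand-in for CFX_DIBitmap: 32-bit BGRx pixels. */
typedef struct { int width, height, pitch; uint8_t *buffer; } bitmap_t;

/* Returns 1 on success, 0 on refusal; buffer stays NULL on refusal. */
int bitmap_create(bitmap_t *bm, int width, int height) {
    memset(bm, 0, sizeof *bm);
    if (width <= 0 || height <= 0 || width > INT32_MAX / 4)
        return 0;                          /* width * 4 would overflow int */
    int pitch = width * 4;
    if (MAX_BITMAP_BYTES / pitch < height)
        return 0;                          /* same test as in the report */
    bm->buffer = calloc((size_t)height, (size_t)pitch);
    if (!bm->buffer)
        return 0;
    bm->width = width; bm->height = height; bm->pitch = pitch;
    return 1;
}

/* BGRx -> RGB as in WritePpm, but a missing buffer is an error return,
   not a read through a null src_line. Returns 0 on success, -1 on error. */
int bitmap_to_rgb(const bitmap_t *bm, uint8_t *dest, size_t dest_len) {
    if (!bm || !bm->buffer || !dest)
        return -1;
    if (dest_len < (size_t)bm->width * (size_t)bm->height * 3)
        return -1;
    for (int h = 0; h < bm->height; ++h) {
        const uint8_t *src_line = bm->buffer + (size_t)h * bm->pitch;
        uint8_t *dest_line = dest + (size_t)h * bm->width * 3;
        for (int w = 0; w < bm->width; ++w) {
            dest_line[w * 3]     = src_line[w * 4 + 2]; /* R */
            dest_line[w * 3 + 1] = src_line[w * 4 + 1]; /* G */
            dest_line[w * 3 + 2] = src_line[w * 4];     /* B */
        }
    }
    return 0;
}
```

The caller has to act on the return value of the constructor; the null check in the conversion is a second line of defence for callers that do not.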

GoogleCodeExporter commented 9 years ago

Original comment by tsepez@chromium.org on 8 May 2015 at 7:04