cage1016 / pdfium

Automatically exported from code.google.com/p/pdfium

CFX_BaseSegmentedArray::Iterate Crash #117

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Open test.pdf with pdfium_test
2. Observe crash

What is the expected output? What do you see instead?
Expected a properly parsed PDF, instead got a crash

What version of the product are you using? On what operating system?
pdfium_test built on Linux x64

Please provide any additional information below.

Rendering PDF file test.pdf.
Linearized path...

Program received signal SIGSEGV, Segmentation fault.
0x00000000005b3e98 in CFX_BaseSegmentedArray::Iterate (this=0x18, callback=0x5be81c <_CMapLookupCallback(void*, void*)>, param=0x7fffffffd920) at core/src/fxcrt/fx_basic_array.cpp:312
312     if (m_pIndex == NULL) {
Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.6-14.fc21.x86_64 freetype-2.5.3-13.fc21.x86_64 libpng-1.6.10-3.fc21.x86_64 zlib-1.2.8-7.fc21.x86_64

(gdb) bt
#0  0x00000000005b3e98 in CFX_BaseSegmentedArray::Iterate (this=0x18, callback=0x5be81c <_CMapLookupCallback(void*, void*)>, param=0x7fffffffd920) at core/src/fxcrt/fx_basic_array.cpp:312
#1  0x00000000005be89c in CFX_CMapByteStringToPtr::Lookup (this=0x10, key=..., rValue=@0x7fffffffd898: 0x0) at core/src/fxcrt/fx_basic_maps.cpp:507
#2  0x0000000000492d6d in CPDF_Dictionary::GetElementValue (this=0x0, key=...) at core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp:601
#3  0x0000000000493269 in CPDF_Dictionary::GetStream (this=0x0, key=...) at core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp:714
#4  0x0000000000446a24 in CPDF_Metadata::LoadDoc (this=0x7fffffffd9f0, pDoc=0x21932f0) at core/src/fpdfdoc/doc_metadata.cpp:59
#5  0x000000000040f2a7 in CheckUnSupportError (pDoc=0x21932f0, err_code=0) at fpdfsdk/src/fpdf_ext.cpp:202
#6  0x000000000040e382 in FPDFAvail_GetDocument (avail=0x2191cd0, password=0x0) at fpdfsdk/src/fpdf_dataavail.cpp:135
#7  0x0000000000408277 in RenderPdf (name="test.pdf", pBuf=0x7ffff7f96010 "%PDF-1.2\r%\342\343\317\323\r\n272 0 obj\r<< \r/Linearized 1 \r/O 274 \r/H [ 748 690 ] \r/L 238730 \r/E 12806 \r/N 80 \r/T 233171 \r>> \rendobj\r", ' ' <repeats 54 times>, "xref\r\262\067\062 17 \r0000000016 000"..., len=238730, options=...) at samples/pdfium_test.cc:411
#8  0x0000000000408898 in main (argc=2, argv=0x7fffffffe018) at samples/pdfium_test.cc:548

(gdb) x/i $rip
=> 0x5b3e98 <CFX_BaseSegmentedArray::Iterate(int (*)(void*, void*), void*) const+24>:  mov    0x10(%rax),%rax

(gdb) i r
rax            0x18 24
rbx            0x4a0b52 4852562
rcx            0x18 24
rdx            0x7fffffffd920   140737488345376
rsi            0x5be81c 6023196
rdi            0x18 24
rbp            0x7fffffffd830   0x7fffffffd830
rsp            0x7fffffffd800   0x7fffffffd800
r8             0x2195b80    35216256
r9             0x7ffff6ed9d78   140737336155512
r10            0x51 81
r11            0x7ffff6b586b0   140737332479664
r12            0x407600 4224512
r13            0x7fffffffe010   140737488347152
r14            0x0  0
r15            0x0  0
rip            0x5b3e98 0x5b3e98 <CFX_BaseSegmentedArray::Iterate(int (*)(void*, void*), void*) const+24>
eflags         0x10206  [ PF IF RF ]
cs             0x33 51
ss             0x2b 43
ds             0x0  0
es             0x0  0
fs             0x0  0
gs             0x0  0
(gdb) 

Original issue reported on code.google.com by jbrown3...@gmail.com on 10 Feb 2015 at 12:01

Attachments:
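
An added triage example, not part of the original report or of PDFium's code: it reads the first five frames of the backtrace above (re-typed one frame per line as a constructed sample, with the callback symbol trimmed) and finds the outermost frame entered with a near-NULL `this`, whose caller is the call site that passed the NULL pointer. The 0x1000 threshold and the function names `parse_frames` and `triage` are assumptions of this example.

```python
import re

# Constructed sample: frames #0-#4 of the reported backtrace, one per line.
BACKTRACE = """\
#0  0x00000000005b3e98 in CFX_BaseSegmentedArray::Iterate (this=0x18, callback=0x5be81c, param=0x7fffffffd920) at core/src/fxcrt/fx_basic_array.cpp:312
#1  0x00000000005be89c in CFX_CMapByteStringToPtr::Lookup (this=0x10, key=..., rValue=@0x7fffffffd898: 0x0) at core/src/fxcrt/fx_basic_maps.cpp:507
#2  0x0000000000492d6d in CPDF_Dictionary::GetElementValue (this=0x0, key=...) at core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp:601
#3  0x0000000000493269 in CPDF_Dictionary::GetStream (this=0x0, key=...) at core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp:714
#4  0x0000000000446a24 in CPDF_Metadata::LoadDoc (this=0x7fffffffd9f0, pDoc=0x21932f0) at core/src/fpdfdoc/doc_metadata.cpp:59
"""

FRAME_RE = re.compile(
    r"^#(?P<n>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func>\S+) \((?P<args>.*)\) at (?P<loc>\S+)$")
THIS_RE = re.compile(r"\bthis=(0x[0-9a-f]+)")
# Assumption: the first page is unmapped, so a small 'this' is NULL plus a member offset.
NEAR_NULL = 0x1000

def parse_frames(bt):
    """Return one dict per gdb frame line; 'this' is None for non-member frames."""
    frames = []
    for line in bt.splitlines():
        m = FRAME_RE.match(line)
        if not m:
            continue
        t = THIS_RE.search(m["args"])
        frames.append({"n": int(m["n"]), "func": m["func"], "loc": m["loc"],
                       "this": int(t.group(1), 16) if t else None})
    return frames

def triage(bt):
    """Classify a crash whose inner frames all run on a near-NULL object pointer."""
    frames = parse_frames(bt)
    bad = [f for f in frames if f["this"] is not None and f["this"] < NEAR_NULL]
    if not bad:
        return None
    origin = max(bad, key=lambda f: f["n"])  # outermost frame entered with a bad 'this'
    caller = next((f for f in frames if f["n"] == origin["n"] + 1), None)
    chain = [f["this"] for f in sorted(bad, key=lambda f: f["n"], reverse=True)]
    return {"class": "null-this-dereference",
            "origin": origin["func"],
            "caller": caller["func"] if caller else None,
            "caller_loc": caller["loc"] if caller else None,
            "this_chain": chain}  # NULL, then NULL + member offsets in inner frames

if __name__ == "__main__":
    print(triage(BACKTRACE))
```

The `this_chain` values 0x0, 0x10 and 0x18 are consistent with the faulting `mov 0x10(%rax),%rax` with `rax=0x18`: the read lands at a small offset from NULL rather than at an attacker-influenced address.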