PDF2JSON is a conversion library based on XPDF (3.02) which can be used for high performance PDF page by page conversion to JSON and XML format. It also supports compressing data to minimize size. PDF2JSON is available for Windows, OSX and Linux. Please see https://flowpaper.com for more information
valgrind pdf2json $PoC /dev/null
==7805== Invalid read of size 8
==7805== at 0x41ACF7: GfxState::~GfxState() (in /home/dungnguyen/PoCs/pdf2json_b671b64/pdf2json)
==7805== by 0x41C839: GfxState::restore() (in /home/dungnguyen/PoCs/pdf2json_b671b64/pdf2json)
==7805== by 0x467BEB: Gfx::restoreState() (in /home/dungnguyen/PoCs/pdf2json_b671b64/pdf2json)
==7805== by 0x42A5AA: Page::displaySlice(OutputDev*, double, double, int, int, int, int, int, int, int, Links*, int, Catalog*, int (*)(void*), void*) (in /home/dungnguyen/PoCs/pdf2json_b671b64/pdf2json)
==7805== by 0x42A14A: Page::display(OutputDev*, double, double, int, int, int, Links*, int, Catalog*, int (*)(void*), void*) (in /home/dungnguyen/PoCs/pdf2json_b671b64/pdf2json)
==7805== by 0x42BCBD: PDFDoc::displayPage(OutputDev*, int, double, double, int, int, int, int, int (*)(void*), void*) (in /home/dungnguyen/PoCs/pdf2json_b671b64/pdf2json)
==7805== by 0x42BD48: PDFDoc::displayPages(OutputDev*, int, int, double, double, int, int, int, int, int (*)(void*), void*) (in /home/dungnguyen/PoCs/pdf2json_b671b64/pdf2json)
==7805== by 0x40269A: main (pdf2json.cc:275)
==7805== Address 0xbdcabdbebdbcbdb0 is not stack'd, malloc'd or (recently) free'd
Segmentation fault
Hi,
Our fuzzer found a crash due to an invalid read on the function GfxState::~GfxState (the latest commit b671b64 on master - version 0.70).
PoC: https://github.com/strongcourage/PoCs/blob/master/pdf2json_b671b64/PoC_segv_GfxState::~GfxState
Valgrind says:
Thanks, Manh Dung