Did you try the attached POC file? I ran "./utils/pdftocairo -svg poc" in poppler's latest version (619bfc1f) and found the program still crashed.
We found a reachable abort in Object.h:445. To reproduce, run pdfunite 1.pdf $POC 2.pdf.
The backtrace is
#0 0x00007ffff748983c in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x00007ffff743da52 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#2 0x00007ffff7428469 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#3 0x0000555555558036 in Object::getRef (this=<optimized out>)
at /home/users/chluo/pop/poppler/Object.h:445
#4 doMergeFormDict (numOffset=<optimized out>, mergeFormDict=<optimized out>,
srcFormDict=<optimized out>) at /home/users/chluo/pop/utils/pdfunite.cc:116
#5 main (argc=<optimized out>, argv=<optimized out>)
at /home/users/chluo/pop/utils/pdfunite.cc:335
To patch this bug, I suggest adding an isRef() check before calling getRef() in pdfunite.cc:116.
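The pattern behind the suggested fix, as an added illustration that is not poppler's code: poppler's Object accessors such as getRef() abort the process on a type mismatch, so any caller that trusts a malformed PDF to hold a Ref where one is expected turns attacker-controlled input into a reachable abort. The miniature Object below models that behaviour; mergeFieldsUnchecked and mergeFieldsChecked are hypothetical stand-ins for a pdfunite-style form-field merge before and after the isRef() check, and the /Fields arrays are constructed sample data.

```cpp
// Added example, not poppler code: a minimal model of an Object whose
// type-checked accessor aborts on mismatch, and a form-field merge
// routine with and without the isRef() guard. Names are hypothetical.
#include <cstdio>
#include <cstdlib>
#include <vector>

struct Ref { int num; int gen; };

enum class ObjType { objNull, objInt, objRef };

class Object {
public:
    Object() : type(ObjType::objNull), intVal(0), refVal{0, 0} {}
    static Object makeInt(int v) { Object o; o.type = ObjType::objInt; o.intVal = v; return o; }
    static Object makeRef(int num, int gen) { Object o; o.type = ObjType::objRef; o.refVal = {num, gen}; return o; }

    bool isRef() const { return type == ObjType::objRef; }
    bool isInt() const { return type == ObjType::objInt; }

    // Models poppler's type check: calling getRef() on a non-Ref is a hard
    // abort, so an unchecked caller is an input-controlled crash.
    Ref getRef() const {
        if (type != ObjType::objRef) {
            std::fprintf(stderr, "Call to Object::getRef() on a non-Ref object, aborting\n");
            std::abort();
        }
        return refVal;
    }
    int getInt() const {
        if (type != ObjType::objInt) std::abort();
        return intVal;
    }

private:
    ObjType type;
    int intVal;
    Ref refVal;
};

// A PDF array modelled as a vector of Objects, e.g. an AcroForm /Fields
// array whose entries are supposed to be indirect references.
using Array = std::vector<Object>;

// Unchecked merge (the pre-fix shape): assumes every entry is a Ref and
// renumbers it by numOffset. A malformed entry reaches getRef() and aborts.
std::vector<Ref> mergeFieldsUnchecked(const Array &srcFields, int numOffset) {
    std::vector<Ref> out;
    for (const Object &o : srcFields) {
        Ref r = o.getRef();                 // aborts if o is not a Ref
        out.push_back({r.num + numOffset, r.gen});
    }
    return out;
}

// Hardened merge: test isRef() first and skip (counting) entries of the
// wrong type, so malformed input degrades to a dropped field, not a crash.
std::vector<Ref> mergeFieldsChecked(const Array &srcFields, int numOffset, int *skipped) {
    std::vector<Ref> out;
    if (skipped) *skipped = 0;
    for (const Object &o : srcFields) {
        if (!o.isRef()) {
            if (skipped) ++*skipped;
            continue;
        }
        Ref r = o.getRef();                 // safe: type verified above
        out.push_back({r.num + numOffset, r.gen});
    }
    return out;
}

// Constructed samples: a well-formed /Fields array, and a malformed one
// whose second entry is a direct integer instead of an indirect reference.
Array sampleGoodFields() { return { Object::makeRef(4, 0), Object::makeRef(7, 0) }; }
Array sampleBadFields()  { return { Object::makeRef(4, 0), Object::makeInt(42), Object::makeRef(9, 0) }; }

int main() {
    int skipped = 0;
    std::vector<Ref> good = mergeFieldsChecked(sampleGoodFields(), 100, &skipped);
    std::printf("well-formed: %zu refs merged, %d skipped\n", good.size(), skipped);
    std::vector<Ref> bad = mergeFieldsChecked(sampleBadFields(), 100, &skipped);
    std::printf("malformed:   %zu refs merged, %d skipped\n", bad.size(), skipped);
    // mergeFieldsUnchecked(sampleBadFields(), 100) would abort on the second entry.
    return 0;
}
```

The same discipline applies to every typed accessor on a parsed object (isDict() before getDict(), isInt() before getInt(), and so on): the type check is the boundary between untrusted file content and an assumption the code makes about it.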
We found a reachable assertion when executing pdftocairo. I am not sure if this is a problem in poppler or libcairo.so, as the reachable assertion is located in libcairo.so. The version of libcairo.so is 1.16.0-6.
To reproduce, run pdftocairo -svg $poc
The error message is: pdftocairo: ../../../../src/cairo-path-stroke-polygon.c:829: normalize_slope: Assertion `dx0 != 0.0 || dy0 != 0.0' failed.
The backtrace is
#0 0x00007ffff728983c in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x00007ffff723da52 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#2 0x00007ffff7228469 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#3 0x00007ffff7228395 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#4 0x00007ffff7236b02 in __assert_fail () from /lib/x86_64-linux-gnu/libc.so.6
#5 0x00007ffff7ec6d53 in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#6 0x00007ffff7ec7047 in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#7 0x00007ffff7ec7be2 in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#8 0x00007ffff7ec489a in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#9 0x00007ffff7ec8ca0 in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#10 0x00007ffff7ec2c94 in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#11 0x00007ffff7e94825 in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#12 0x00007ffff7ef6346 in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#13 0x00007ffff7ef28cd in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#14 0x00007ffff7ede47f in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#15 0x00007ffff7edfacb in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#16 0x00007ffff7ec1f9c in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#17 0x00007ffff7ec247d in ?? () from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#18 0x00007ffff7ef6aa8 in cairo_surface_show_page ()
from /usr/lib/x86_64-linux-gnu/libcairo.so.2
#19 0x0000555555560724 in endPage (imageFileName=0x0)
at /home/users/chluo/poppler/utils/pdftocairo.cc:731
#20 main (argc=<optimized out>, argv=<optimized out>)
at /home/users/chluo/poppler/utils/pdftocairo.cc:1240
crt (8a159d5e) at 13 Aug 10:04
Removed duplicated check.
Yes. I will remove it.
Updated.
crt (6be40186) at 12 Aug 02:00
Update utils/pdfunite.cc
crt (b8b2f1a0) at 12 Aug 01:57
Update poppler/PDFDoc.h
crt (2bf6c663) at 12 Aug 01:53
Update poppler/PDFDoc.cc, utils/pdfunite.cc
It seems that the commits have passed the pipeline now.
I added a space following the suggestions. However, it still failed to pass the pipeline (although it passed the clang build). The error messages showed there are some uninstallable packages. I think this might not be introduced by my commits. Can you have a check on that?
crt (0df38f1e) at 10 Aug 14:49
clang-format
crt (96d0831f) at 10 Aug 14:48
clang-format
Updated. The code format looks OK in my view.
crt (08394f63) at 09 Aug 22:59
Formatting code.
crt (c06fe0a9) at 09 Aug 22:58
Formatting code.
Done.
Fix #1282.
I added two if checks. This is because after I inserted an if at PDFDoc.cc:1755, the program still crashed at pdfunite.cc:293.
crt (7662ff8c) at 09 Aug 02:46
Check isDict before calling getDict.