stack-overflow in `Gfx` results in Segmentation Fault
- Version: 20.12.1
- Commit: e1f56258
- How to reproduce: ./pdftops ./poc.pdf /dev/null
The backtrace is:
==87508==ERROR: AddressSanitizer: stack-overflow on address 0x7ffdad19dd50 (pc 0x7fa5dfaba70a bp 0x7ffdad1a0320 sp 0x7ffdad19dc40 T0)
#0 0x7fa5dfaba709 in buffered_vfprintf /build/glibc-S9d2JN/glibc-2.27/stdio-common/vfprintf.c:2329
#1 0x7fa5dfab7825 in _IO_vfprintf /build/glibc-S9d2JN/glibc-2.27/stdio-common/vfprintf.c:1301
#2 0x44cbc6 in __interceptor_vfprintf (/src/executable/pdftops+0x44cbc6)
#3 0x44ccd6 in fprintf (/src/executable/pdftops+0x44ccd6)
#4 0x525b15 in error(ErrorCategory, long long, char const*, ...) /src/poppler/poppler/Error.cc:76:13
#5 0x991c50 in GfxTilingPattern::parse(Object*, int) /src/poppler/poppler/GfxState.cc:3186:9
#6 0x9911c7 in GfxPattern::parse(GfxResources*, Object*, OutputDev*, GfxState*, int) /src/poppler/poppler/GfxState.cc:3155:19
#7 0x8e7d27 in GfxResources::lookupPattern(char const*, OutputDev*, GfxState*) /src/poppler/poppler/Gfx.cc:389:24
#8 0x8e2fb3 in Gfx::opSetFillColorN(Object*, int) /src/poppler/poppler/Gfx.cc:1542:63
#9 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#10 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#11 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#12 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#13 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#14 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#15 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#16 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#17 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#18 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#19 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#20 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#21 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#22 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#23 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#24 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#25 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#26 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#27 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#28 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#29 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#30 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#31 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#32 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#33 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#34 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#35 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#36 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#37 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#38 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#39 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#40 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#41 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#42 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#43 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#44 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#45 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#46 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#47 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#48 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#49 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#50 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#51 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#52 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#53 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#54 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#55 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#56 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#57 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#58 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#59 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#60 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#61 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#62 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#63 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#64 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#65 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#66 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#67 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#68 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#69 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#70 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#71 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#72 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#73 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#74 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#75 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#76 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#77 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#78 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#79 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#80 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#81 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#82 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#83 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#84 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#85 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#86 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#87 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#88 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#89 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#90 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#91 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#92 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#93 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#94 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#95 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#96 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#97 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#98 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#99 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#100 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#101 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#102 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#103 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#104 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#105 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#106 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#107 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#108 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#109 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
#110 0x8f7e91 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool, bool) /src/poppler/poppler/Gfx.cc:2180:25
#111 0x8f541e in Gfx::doPatternFill(bool) /src/poppler/poppler/Gfx.cc:1898:9
#112 0x8c308b in Gfx::opFillStroke(Object*, int) /src/poppler/poppler/Gfx.cc:1797:17
#113 0x8f0006 in Gfx::execOp(Object*, Object*, int) /src/poppler/poppler/Gfx.cc:802:5
#114 0x8ee669 in Gfx::go(bool) /src/poppler/poppler/Gfx.cc:679:13
#115 0x8edc20 in Gfx::display(Object*, bool) /src/poppler/poppler/Gfx.cc:640:5
#116 0x8f3b89 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) /src/poppler/poppler/Gfx.cc:4767:5
#117 0xa89643 in PreScanOutputDev::tilingPatternFill(GfxState*, Gfx*, Catalog*, Object*, double const*, int, int, Dict*, double const*, double const*, int, int, int, int, double, double) /src/poppler/poppler/PreScanOutputDev.cc:84:14
...
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information