Segmentation fault in genops.c
Version: 23.08.0
OS: Ubuntu 20.04
Reproduce: pdfseparate poc.pdf output-%d.pdf
The stack information is as follows:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7603fcc in __GI__IO_default_xsputn (f=0x7fffff7ff5c0, data=0x7ffff7ea6918, n=12) at genops.c:374
374 genops.c: 没有那个文件或目录.
(gdb) bt
#0 0x00007ffff7603fcc in __GI__IO_default_xsputn (f=0x7fffff7ff5c0, data=0x7ffff7ea6918, n=12) at genops.c:374
#1 0x00007ffff75e90fc in __vfprintf_internal (s=s@entry=0x7fffff7ff5c0, format=0x7ffff7ea68f2 "%s (%lld): %s\n", ap=0x7fffff801c80, mode_flags=)
at ../libio/libioP.h:948
#2 0x00007ffff75ebea2 in buffered_vfprintf (s=s@entry=0x7ffff775f5c0 <_IO_2_1_stderr_>, format=format@entry=0x7ffff7ea68f2 "%s (%lld): %s\n",
args=args@entry=0x7fffff801c80, mode_flags=mode_flags@entry=0) at vfprintf-internal.c:2377
#3 0x00007ffff75e8d24 in __vfprintf_internal (s=0x7ffff775f5c0 <_IO_2_1_stderr_>, format=0x7ffff7ea68f2 "%s (%lld): %s\n", ap=ap@entry=0x7fffff801c80,
mode_flags=mode_flags@entry=0) at vfprintf-internal.c:1346
#4 0x00007ffff75d3c6a in __fprintf (stream=, format=) at fprintf.c:32
#5 0x00007ffff7c496f6 in error (category=category@entry=errSyntaxError, pos=3374, msg=) at /Oscar01/liujiahao/poppler/poppler/Error.cc:73
#6 0x00007ffff7d1c7df in Lexer::getObj (this=0x7fffff8023c0, objNum=-1) at /Oscar01/liujiahao/poppler/poppler/Lexer.cc:571
#7 0x00007ffff7d3cc92 in Parser::shift (this=this@entry=0x7fffff8023c0, objNum=objNum@entry=-1) at /Oscar01/liujiahao/poppler/poppler/Parser.cc:356
#8 0x00007ffff7d3bd20 in Parser::getObj (this=this@entry=0x7fffff8023c0, simpleOnly=false, fileKey=0x0, fileKey@entry=0x4365da68 "\260\317eC", encAlgorithm=cryptNone,
encAlgorithm@entry=cryptAES, keyLength=keyLength@entry=0, objNum=12, objGen=0, recursion=4, strict=, decryptString=)
at /Oscar01/liujiahao/poppler/poppler/Parser.cc:183
#9 0x00007ffff7d3c088 in Parser::getObj (this=this@entry=0x7fffff8023c0, simpleOnly=, fileKey=, fileKey@entry=0x668c50 "",
encAlgorithm=, encAlgorithm@entry=cryptAES, keyLength=, keyLength@entry=0, objNum=, objGen=,
recursion=, strict=, decryptString=) at /Oscar01/liujiahao/poppler/poppler/Parser.cc:103
#10 0x00007ffff7d3c372 in Parser::getObj (this=this@entry=0x7fffff8023c0, simpleOnly=, fileKey=, fileKey@entry=0x43643bc8 "\340\264eC",
encAlgorithm=, encAlgorithm@entry=cryptAES, keyLength=, keyLength@entry=0, objNum=, objGen=,
recursion=, strict=, decryptString=) at /Oscar01/liujiahao/poppler/poppler/Parser.cc:144
#11 0x00007ffff7d3c088 in Parser::getObj (this=this@entry=0x7fffff8023c0, simpleOnly=, fileKey=,
fileKey@entry=0x7fff0000000d <error: Cannot access memory at address 0x7fff0000000d>, encAlgorithm=, encAlgorithm@entry=cryptAES,
keyLength=, keyLength@entry=0, objNum=, objGen=, recursion=, strict=,
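I have encountered similar issues in xpdf before; the developer stated that the cause was a loop in the PDF object structure, which had already been assigned CVE-2019-9587. I'm not sure whether this crash has the same cause. The backtrace above does show Parser::getObj calling itself repeatedly (frames #8 to #11), which would be consistent with that kind of recursion, but the trace is cut off at frame #11, so it does not confirm it.

Attachment: poc.pdf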