poppler
Closed
Opened Nov 15, 2018 by Andrius Merkys (@merkys)

pdfsig: Segfault in SignatureHandler::SignatureHandler

I did signature checking with pdfsig of a PDF with an ETSI.CAdES.detached signature and ran into a segmentation fault. Output of valgrind:

$ valgrind pdfsig document.pdf 
==28240== Memcheck, a memory error detector
==28240== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==28240== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==28240== Command: pdfsig document.pdf
==28240== 
Digital Signature Info of: document.pdf
Internal Error (0): couldn't find default Firefox Folder
==28240== Invalid read of size 8
==28240==    at 0x566BB04: SECMOD_ReferenceModule (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x566C07B: ??? (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x566C11F: SECMOD_AddNewModuleEx (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x4A81B08: SignatureHandler::SignatureHandler(unsigned char*, int) (in /usr/lib/x86_64-linux-gnu/libpoppler.so.80.0.0)
==28240==    by 0x498592D: FormFieldSignature::validateSignature(bool, bool, long) (in /usr/lib/x86_64-linux-gnu/libpoppler.so.80.0.0)
==28240==    by 0x10A974: main (in /usr/bin/pdfsig)
==28240==  Address 0x38 is not stack'd, malloc'd or (recently) free'd
==28240== 
==28240== 
==28240== Process terminating with default action of signal 11 (SIGSEGV)
==28240==  Access not within mapped region at address 0x38
==28240==    at 0x566BB04: SECMOD_ReferenceModule (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x566C07B: ??? (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x566C11F: SECMOD_AddNewModuleEx (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x4A81B08: SignatureHandler::SignatureHandler(unsigned char*, int) (in /usr/lib/x86_64-linux-gnu/libpoppler.so.80.0.0)
==28240==    by 0x498592D: FormFieldSignature::validateSignature(bool, bool, long) (in /usr/lib/x86_64-linux-gnu/libpoppler.so.80.0.0)
==28240==    by 0x10A974: main (in /usr/bin/pdfsig)
==28240==  If you believe this happened as a result of a stack
==28240==  overflow in your program's main thread (unlikely but
==28240==  possible), you can try to increase the size of the
==28240==  main thread stack using the --main-stacksize= flag.
==28240==  The main thread stack size used in this run was 8388608.

(cutting heap summary for brevity)

Observed with poppler-utils 0.69.0-2 as packaged in Debian. Firefox is not installed on this host.

Edited Nov 15, 2018 by Andrius Merkys
Reference: poppler/poppler#669
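
A triage helper for the Memcheck output in this report, as an added example that is not part of the original issue or of poppler's code: it parses the invalid-access block, flags a fault address below one page (0x38 here) as consistent with a field read through a NULL pointer, and names the first frame outside the faulting library. The function name `triage` and the 4 KiB threshold are assumptions made for the example.

```python
import re

# Excerpt of the Memcheck output from the report above (first error block).
SAMPLE = """\
==28240== Invalid read of size 8
==28240==    at 0x566BB04: SECMOD_ReferenceModule (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x566C07B: ??? (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x566C11F: SECMOD_AddNewModuleEx (in /usr/lib/x86_64-linux-gnu/libnss3.so)
==28240==    by 0x4A81B08: SignatureHandler::SignatureHandler(unsigned char*, int) (in /usr/lib/x86_64-linux-gnu/libpoppler.so.80.0.0)
==28240==    by 0x498592D: FormFieldSignature::validateSignature(bool, bool, long) (in /usr/lib/x86_64-linux-gnu/libpoppler.so.80.0.0)
==28240==    by 0x10A974: main (in /usr/bin/pdfsig)
==28240==  Address 0x38 is not stack'd, malloc'd or (recently) free'd
"""

HEAD = re.compile(r"^==\d+== Invalid (read|write) of size (\d+)$")
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+) \(in (.+)\)$")
ADDR = re.compile(r"^==\d+==\s+Address (0x[0-9A-Fa-f]+) is (.+)$")
NULL_PAGE = 0x1000  # assumption: addresses below one 4 KiB page count as NULL + field offset


def triage(log):
    """Return one dict per Memcheck invalid-access block found in `log`."""
    errors, cur = [], None
    for line in log.splitlines():
        if m := HEAD.match(line):
            cur = {"op": m.group(1), "size": int(m.group(2)), "frames": []}
            errors.append(cur)
        elif cur is None:
            continue
        elif m := FRAME.match(line):
            cur["frames"].append((m.group(1), m.group(2).rsplit("/", 1)[-1]))
        elif m := ADDR.match(line):
            cur["addr"] = int(m.group(1), 16)
            cur["near_null"] = cur["addr"] < NULL_PAGE
            cur = None  # the Address line closes the block
    for e in errors:
        # First frame outside the library that faulted: where the bad pointer was handed over.
        top_lib = e["frames"][0][1] if e["frames"] else None
        e["caller"] = next((f for f in e["frames"] if f[1] != top_lib), None)
    return errors


if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(e["op"], e["size"], hex(e["addr"]), "near-NULL" if e["near_null"] else "wild", e["caller"])
```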