Project: chromium
Status: Fixed
Owner:
Closed: Nov 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug
malformed pdf will cause very slow rendering in pdfium
Reported by ha...@hboeck.de, Jan 22 2015
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.85 Safari/537.36

Steps to reproduce the problem:
1. pass attached pdf to pdfium_test or chrome
2. endless loop, process will have 100% load

Found with American Fuzzy Lop.

What is the expected behavior?

What went wrong?
Shouldn't hang.

Did this work before? N/A

Chrome version: 40.0.2214.85 Channel: beta
OS Version: 
Flash Version: Shockwave Flash 16.0 r0

Labels: Cr-Internals-Plugins-PDF
Labels: Needs-Feedback
There's no attachment.
Comment 3 Deleted
Comment 4 by ha...@hboeck.de, Jan 22 2015
Attachment: pdf-loop.pdf (8.8 KB)
Labels: -Needs-Feedback
Thanks. I'm testing with Linux 41.0.2272.3 dev channel here and it doesn't loop infinitely. There's a brief spike in CPU usage, and then it displays a blank page.
Comment 6 by ha...@hboeck.de, Jan 25 2015
Indeed, I hadn't waited long enough; it stops at some point. Still probably something worth fixing, as it causes a CPU spike for some time.
Here's another one that I got with the same fuzzing run, this one seems to loop (at least it hangs for several minutes).
Attachment: pdfium-loop2.pdf (8.8 KB)
Status: Available
Well, it's not an endless loop... it finishes rendering eventually. It just takes a long time to render. Firefox seems to take a long time as well.

I guess someone can take a look at this, see what's causing the CPU usage, and either optimize it or bail out early.
Summary: malformed pdf will cause very slow rendering in pdfium (was: malformed pdf will cause endless loop in pdfium)
(updating bug summary)
Comment 9 by npm@chromium.org, Nov 9 2016
Owner: npm@chromium.org
Status: Assigned
Project Member Comment 10 by bugdroid1@chromium.org, Nov 10 2016
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/02710ab8baf1e3d959afdc6a3aff2d06a2038190

commit 02710ab8baf1e3d959afdc6a3aff2d06a2038190
Author: pdfium-deps-roller <pdfium-deps-roller@chromium.org>
Date: Thu Nov 10 02:45:55 2016

Roll src/third_party/pdfium/ 6173c9d2a..3f8cb532c (1 commit).

https://pdfium.googlesource.com/pdfium.git/+log/6173c9d2a3ce..3f8cb532c93b

$ git log 6173c9d2a..3f8cb532c --date=short --no-merges --format='%ad %ae %s'
2016-11-09 npm Add early returns in CJBig2_TRDProc::decode_Arith when decode fails.

BUG= 450971 

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls

TBR=dsinclair@chromium.org

Review-Url: https://codereview.chromium.org/2491493005
Cr-Commit-Position: refs/heads/master@{#431150}

[modify] https://crrev.com/02710ab8baf1e3d959afdc6a3aff2d06a2038190/DEPS
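The fix rolled in above is described only by its one-line commit message ("add early returns when decode fails"). The following is an added example, not pdfium's code: a hypothetical, heavily simplified model of a text-region decode loop, shown once ignoring decode failures (the CPU-burning behaviour the reporter saw) and once returning on the first failure, with the work done on malformed input measured in iterations. `ArithDecoder`, `DecodeRegionIgnoringFailures` and `DecodeRegionWithEarlyReturn` are constructed names that do not exist in pdfium.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Constructed stand-in for a JBIG2-style arithmetic symbol decoder (hypothetical,
// not pdfium's CJBig2 classes): one input byte per symbol, bytes above 15 are
// undecodable, and running past the end of the data is also a failure.
struct ArithDecoder {
  const std::vector<uint8_t>& data;
  size_t pos;

  // Returns false when the next symbol cannot be decoded (malformed input).
  bool DecodeSymbol(uint32_t* out) {
    if (pos >= data.size() || data[pos] > 15) return false;
    *out = data[pos++];
    return true;
  }
};

struct DecodeResult {
  bool ok;
  size_t iterations;  // how much work the loop performed
};

// "Before": the decode result is dropped, so the loop runs once per instance the
// region header claims. A malformed file can claim millions of instances while
// carrying only a few bytes, and every one of those iterations is wasted CPU time.
size_t DecodeRegionIgnoringFailures(const std::vector<uint8_t>& data,
                                    uint32_t num_instances) {
  ArithDecoder dec{data, 0};
  size_t iterations = 0;
  for (uint32_t i = 0; i < num_instances; ++i) {
    uint32_t sym = 0;
    dec.DecodeSymbol(&sym);  // failure ignored, loop keeps going
    ++iterations;
  }
  return iterations;
}

// "After": return on the first failed decode, so the work done on malformed
// input is bounded by the bytes actually present rather than by the header.
DecodeResult DecodeRegionWithEarlyReturn(const std::vector<uint8_t>& data,
                                         uint32_t num_instances) {
  ArithDecoder dec{data, 0};
  DecodeResult res{true, 0};
  for (uint32_t i = 0; i < num_instances; ++i) {
    uint32_t sym = 0;
    ++res.iterations;
    if (!dec.DecodeSymbol(&sym)) {
      res.ok = false;
      return res;  // early return: stop spending CPU on undecodable data
    }
  }
  return res;
}
```

With four bytes of data and a header claiming a million instances, the first version performs a million iterations while the second stops after three.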

Comment 11 by npm@chromium.org, Nov 10 2016
Status: Fixed