Security: AddressSanitizer: SEGV on unknown address 0x000000000000
Reported by marcin.t...@gmail.com, Mar 4 2016
Issue description
Cr-Internals-Plugins-PDF
VULNERABILITY DETAILS
VERSION
Build version : asan-linux-debug-378422
OS: Ubuntu 14.04 x64
REPRODUCTION CASE
./pdfium_test crash3.pdf
Rendering PDF file /home/xgx/Crashes/pdfium/crash3.pdf.
Linearized path...
ASAN:DEADLYSIGNAL
=================================================================
==2927==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000d43711 bp 0x7ffc1b287db0 sp 0x7ffc1b285f80 T0)
==2927==The signal is caused by a READ memory access.
==2927==Hint: address points to the zero page.
#0 0xd43710 in decode_Arith /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_TrdProc.cpp:332:30
#1 0xd1e0a9 in decode_Arith /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_SddProc.cpp:195:16
#2 0xc921fb in parseSymbolDict /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_Context.cpp:623:31
#3 0xc88032 in ProcessingParseSegmentData /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_Context.cpp:351:14
#4 0xc84ae4 in parseSegmentData /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_Context.cpp:339:17
#5 0xc81e4c in decode_SquentialOrgnazation /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_Context.cpp:105:12
#6 0xc84cff in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_Context.cpp:136:10
#7 0xc86a77 in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_Context.cpp:203:12
#8 0xc8690e in getFirstPage /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/jbig2/JBig2_Context.cpp:197:10
#9 0xc5b713 in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fxcodec/codec/fx_codec_jbig.cpp:87:13
#10 0xaf92a2 in ContinueLoadDIBSource /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp:420:13
#11 0xacb455 in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render_cache.cpp:318:13
#12 0xacafac in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render_cache.cpp:138:13
#13 0xb204ef in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp:1602:11
#14 0xb2116b in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp:1642:10
#15 0xad61b5 in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render_image.cpp:848:9
#16 0xaa2f08 in ContinueSingleObject /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render.cpp:290:9
#17 0xaa3ecc in ContinueSingleObject /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render.cpp:317:12
#18 0xab42f4 in Continue /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render.cpp:1083:13
#19 0xab2601 in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/core/src/fpdfapi/fpdf_render/fpdf_render.cpp:1044:3
#20 0x520e01 in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/fpdfsdk/src/fpdfview.cpp:914:3
#21 0x51f65c in ?? /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/fpdfsdk/src/fpdfview.cpp:663:3
#22 0x4e927d in RenderPage /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/samples/pdfium_test.cc:408:3
#23 0x4ec517 in RenderPdf /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/samples/pdfium_test.cc:578:9
#24 0x4edd52 in main /mnt/data/b/build/slave/ASAN_Debug/build/src/out/Debug/../../third_party/pdfium/samples/pdfium_test.cc:697:7
#25 0x7fc0c2c2bec4 in __libc_start_main /build/eglibc-3GlaMS/eglibc-2.19/csu/libc-start.c:287:0
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/home/xgx/asan-linux-debug-378422/pdfium_test+0xd43710)
==2927==ABORTING
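The report above shows the three fields a triager reads first: a SEGV on address 0x0 ("address points to the zero page"), a READ access, and the top symbolised frame (decode_Arith in JBig2_TrdProc.cpp:332). As an added example, not part of the original report and not PDFium code, the Python helper below pulls those fields out of an AddressSanitizer SEGV report and puts the crash into a coarse triage bucket, separating a null-page read (a crash that usually ends in a denial of service) from a non-null or write fault that needs closer review. The two embedded reports are constructed samples shaped like the output above, the function and path names in them are taken from the trace on this page but the PIDs and program counters are made up, and the 0x1000 null-page limit is an assumption chosen for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines of an ASan report that carry triage-relevant data.
ERROR_RE = re.compile(
    r"==\d+==ERROR: AddressSanitizer: (?P<kind>[\w-]+) on (?:unknown )?address "
    r"(?P<addr>0x[0-9a-fA-F]+)"
)
ACCESS_RE = re.compile(r"The signal is caused by a (?P<access>READ|WRITE|UNKNOWN) memory access")
# Symbolised frames of the form "#N 0xPC in func /path/file.cpp:LINE:COL".
# Unsymbolised frames ("(lib.so+0x1234)") do not match and are skipped.
FRAME_RE = re.compile(
    r"^\s*#(?P<idx>\d+)\s+0x[0-9a-fA-F]+\s+in\s+(?P<func>\S+)\s+"
    r"(?P<path>\S+?):(?P<line>\d+)(?::\d+)?\s*$"
)

# Faults below this address are treated as null-page dereferences. 0x1000 is a
# common page size and an assumption of this example, not a value from the report.
NULL_PAGE_LIMIT = 0x1000


@dataclass
class Frame:
    index: int
    function: str
    path: str
    line: int


@dataclass
class AsanSegv:
    address: int
    access: Optional[str]
    frames: List[Frame]

    @property
    def top_frame(self) -> Optional[Frame]:
        return self.frames[0] if self.frames else None

    def is_null_page(self) -> bool:
        return self.address < NULL_PAGE_LIMIT

    def triage(self) -> str:
        """Coarse bucket for a first-pass triage queue."""
        if self.is_null_page() and self.access == "READ":
            return "null-read (crash/DoS; usually not memory-safety exploitable)"
        if self.is_null_page():
            return "null-page access (write or unknown access; review)"
        return "non-null address (possible wild pointer; review)"


def parse_asan_segv(report: str) -> AsanSegv:
    """Extract fault address, access type and symbolised frames from an ASan SEGV report."""
    address = None
    access = None
    frames: List[Frame] = []
    for line in report.splitlines():
        m = ERROR_RE.search(line)
        if m and m.group("kind") == "SEGV":
            address = int(m.group("addr"), 16)
            continue
        m = ACCESS_RE.search(line)
        if m:
            access = m.group("access")
            continue
        m = FRAME_RE.match(line)
        if m:
            frames.append(Frame(int(m.group("idx")), m.group("func"),
                                m.group("path"), int(m.group("line"))))
    if address is None:
        raise ValueError("not an AddressSanitizer SEGV report")
    frames.sort(key=lambda f: f.index)
    return AsanSegv(address, access, frames)


# Constructed sample modelled on the report above (PID and PCs are made up).
NULL_READ_REPORT = """\
ASAN:DEADLYSIGNAL
=================================================================
==4242==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000deadbeef bp 0x7ffc00000000 sp 0x7ffc00000000 T0)
==4242==The signal is caused by a READ memory access.
==4242==Hint: address points to the zero page.
    #0 0xdeadbeef in decode_Arith /src/third_party/pdfium/core/src/fxcodec/jbig2/JBig2_TrdProc.cpp:332:30
    #1 0xdeadbee0 in parseSymbolDict /src/third_party/pdfium/core/src/fxcodec/jbig2/JBig2_Context.cpp:623:31
    #2 0x00401000 in main /src/third_party/pdfium/samples/pdfium_test.cc:697:7
SUMMARY: AddressSanitizer: SEGV (/tmp/pdfium_test+0xdeadbeef)
==4242==ABORTING
"""

# Constructed sample of the case that must NOT land in the null-read bucket.
WILD_WRITE_REPORT = """\
==4243==ERROR: AddressSanitizer: SEGV on unknown address 0x7f0000001234 (pc 0x0000deadbeef bp 0x7ffc00000000 sp 0x7ffc00000000 T0)
==4243==The signal is caused by a WRITE memory access.
    #0 0xdeadbeef in some_decoder /src/hypothetical/decoder.cpp:10:5
==4243==ABORTING
"""

if __name__ == "__main__":
    for text in (NULL_READ_REPORT, WILD_WRITE_REPORT):
        r = parse_asan_segv(text)
        top = r.top_frame
        where = f"{top.function} {top.path}:{top.line}" if top else "?"
        print(f"{r.address:#x} {r.access} at {where} -> {r.triage()}")
```

The bucket names are deliberately conservative: a null-page read is flagged as a likely denial-of-service crash, which matches the "Doesn't look like a security bug" assessment in the comments, while anything else is handed to a human reviewer rather than auto-closed.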
Mar 7 2016
ping rohitrao@ Could you take a look? Thanks!
Mar 7 2016
Doesn't look like a security bug.
Oct 10 2016
I can't reproduce this crash with present-day standalone PDFium, and with Chrome 55.
Comment 1 by jialiul@chromium.org, Mar 4 2016
Owner: rohitrao@chromium.org