Package: gv Version: 1:3.7.4-1+b1 The attached file causes gv to segfault, in stretch and buster at least.
It has a syntactically invalid %%Page: dsc comment. Fixing that by
adding a page number, makes it work.
Salvatore Bonaccorso investigated:
> > AFAICS, the issue happens here in src/misc.c:
> >
> > 994 int i, j;
> > 995
> > 996 INFMESSAGE(toc available)
> > 997 if (doc->labels_useful) {
> > 998 for (i = 0; i < doc->numpages; i++)
> > 999 maxlen = max(maxlen,
> > (int)strlen(doc->pages[i].label));
> > 1000 } else {
> > 1001 double x;
> > 1002 x = doc->numpages;
> > 1003 maxlen = log10(x) + 1;
> >
> > where
> >
> > (gdb) print doc->pages[0].label
> > $1 = 0x0
Overall this is not a significant useability issue, nor does it seem
to be exploitable, but it is clearly undesirable.
Regards,
Ian.
gv-segfault.ps
Description: broken file
-- Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own. If I emailed you from an address @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.
