Public bug reported:
Ghostscript 9.26 is seeing a segfault when MaxBitmap is too high
combined with pngalpha and FirstPage settings. I've seen this on two
very different PDFs from different sources.
Running on Ubuntu 18.04
Command run:
% gs -dMaxBitmap=50000000 '-sDEVICE=pngalpha' -dFirstPage=1
'-sOutputFile=out.pdf' -fin.pdf
Causes a segfault
Changing MaxBitmap (or removing either of the pngalpha or FirstPage
options!?) takes away the seg fault. For example, this will pass:
% gs -dMaxBitmap=10000000 '-sDEVICE=pngalpha' -dFirstPage=1
'-sOutputFile=out.pdf' -fin.pdf
Backtrace on non-debug version when segfaulting:
#0 0xb73a5ce9 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#1 0xb72351f4 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#2 0xb71b26c3 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#3 0xb71b8558 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#4 0xb71b9d29 in send_pdf14trans () from /usr/lib/i386-linux-gnu/libgs.so.9
#5 0xb719f1c1 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#6 0xb71a0357 in gs_pop_pdf14trans_device () from
/usr/lib/i386-linux-gnu/libgs.so.9
#7 0xb74e5afc in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#8 0xb748f07e in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#9 0xb748f49f in gs_interpret () from /usr/lib/i386-linux-gnu/libgs.so.9
#10 0xb7481c30 in gs_main_run_string_end () from
/usr/lib/i386-linux-gnu/libgs.so.9
#11 0xb7481cbc in gs_main_run_string_with_length () from
/usr/lib/i386-linux-gnu/libgs.so.9
#12 0xb7481d03 in gs_main_run_string () from /usr/lib/i386-linux-gnu/libgs.so.9
#13 0xb7483918 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#14 0xb7483a8d in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#15 0xb7483b64 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#16 0xb7484337 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#17 0xb74852d0 in gs_main_init_with_args () from
/usr/lib/i386-linux-gnu/libgs.so.9
#18 0xb7486b82 in gsapi_init_with_args () from
/usr/lib/i386-linux-gnu/libgs.so.9
#19 0x00400835 in ?? ()
#20 0xb6f0be81 in __libc_start_main (main=0x400780, argc=6, argv=0xbffff704,
init=0x400aa0, fini=0x400b00,
** Affects: ghostscript (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ghostscript in Ubuntu.
https://bugs.launchpad.net/bugs/1807271
Title:
MaxBitmap causing segmentation fault
Status in ghostscript package in Ubuntu:
New
Bug description:
Ghostscript 9.26 is seeing a segfault when MaxBitmap is too high
combined with pngalpha and FirstPage settings. I've seen this on two
very different PDFs from different sources.
Running on Ubuntu 18.04
Command run:
% gs -dMaxBitmap=50000000 '-sDEVICE=pngalpha' -dFirstPage=1
'-sOutputFile=out.pdf' -fin.pdf
Causes a segfault
Changing MaxBitmap (or removing either of the pngalpha or FirstPage
options!?) takes away the seg fault. For example, this will pass:
% gs -dMaxBitmap=10000000 '-sDEVICE=pngalpha' -dFirstPage=1
'-sOutputFile=out.pdf' -fin.pdf
Backtrace on non-debug version when segfaulting:
#0 0xb73a5ce9 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#1 0xb72351f4 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#2 0xb71b26c3 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#3 0xb71b8558 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#4 0xb71b9d29 in send_pdf14trans () from /usr/lib/i386-linux-gnu/libgs.so.9
#5 0xb719f1c1 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#6 0xb71a0357 in gs_pop_pdf14trans_device () from
/usr/lib/i386-linux-gnu/libgs.so.9
#7 0xb74e5afc in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#8 0xb748f07e in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#9 0xb748f49f in gs_interpret () from /usr/lib/i386-linux-gnu/libgs.so.9
#10 0xb7481c30 in gs_main_run_string_end () from
/usr/lib/i386-linux-gnu/libgs.so.9
#11 0xb7481cbc in gs_main_run_string_with_length () from
/usr/lib/i386-linux-gnu/libgs.so.9
#12 0xb7481d03 in gs_main_run_string () from
/usr/lib/i386-linux-gnu/libgs.so.9
#13 0xb7483918 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#14 0xb7483a8d in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#15 0xb7483b64 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#16 0xb7484337 in ?? () from /usr/lib/i386-linux-gnu/libgs.so.9
#17 0xb74852d0 in gs_main_init_with_args () from
/usr/lib/i386-linux-gnu/libgs.so.9
#18 0xb7486b82 in gsapi_init_with_args () from
/usr/lib/i386-linux-gnu/libgs.so.9
#19 0x00400835 in ?? ()
#20 0xb6f0be81 in __libc_start_main (main=0x400780, argc=6, argv=0xbffff704,
init=0x400aa0, fini=0x400b00,
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/1807271/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
