Hello zyx, hello Mattia, hello all,

> zyx <z...@gmx.us> has written on 14 January 2018 at 11:23:
> 
> 
> On Wed, 2017-12-27 at 09:16 +0100, Mattia Rizzolo wrote:
> > Somebody attached to the Debian bug http://bugs.debian.org/860995 a
> > patch for CVE-2017-8054.
> 
>       Hi,
> thanks for the patch (and its forward). I gave it a try, but it doesn't
> work, not for the PoC referenced from
> https://security-tracker.debian.org/tracker/CVE-2017-8054
> 
> The code still crashes, even with the patch applied.

I finally got around to reproducing it (in a sandbox because of the strict
security policy I'm under on "my" computer) because I'd also like this
CVE fixed, the same as the patch submitter, and the results are:

- it isn't a "crash" (segfault, abort by SIGABRT or similar) but a PdfError
  thrown with error code ePdfError_InvalidDataType (tested with podofogc)
- the file PoC linked on that security-tracker page isn't a PoC (Proof of
  Concept) for the CVE-2017-8054 because the exception happens earlier
  than the CVE location in PdfPagesTree::GetPageNodeFromArray() is reached
- the one "manipulation"/"fuzzing" in the file PoC linked there/I tested
  with which causes the exception is an invalid name as dictionary key
  in 32 0 obj (as a C string "/Le\x80\x00th" instead of valid "/Length",
  no exception with the latter, output written, I've made no other changes)

@zyx: If the "crash" you mean is something else please speak up.
Otherwise please accept (or test with a real PoC for this CVE) the patch,
I'd really like to see it in svn r1872 (if it didn't consist of two logical
changes, so it should be in two commits, if you see that also, then please
put off committing it, but give the green light to Mattia first, please).
  
> 
>       Bye,
>       zyx
> 

Best regards, mabri

_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
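
The malformed dictionary key described in the message above (the bytes 0x80 0x00 in place of "ng" in "/Length") can be spotted before a file is used as a test case for a parser bug. The following is an added example, not part of the original message and not PoDoFo code; the function name `scan_names` is hypothetical and the sample dictionaries are constructed (only the object number and the key bytes come from the message). It is a raw-byte heuristic meant for an object's dictionary text, since a `/` inside strings or stream data would also match.

```python
# Added example: heuristic triage check for malformed PDF name tokens.
# PDF syntax: NUL, TAB, LF, FF, CR and SPACE are white-space; these
# delimiters end a token. A name may not contain NUL, and bytes outside
# 0x21-0x7E are supposed to be written as #xx escapes.
WHITESPACE = b"\x00\t\n\x0c\r "
DELIMITERS = b"()<>[]{}/%"

def scan_names(data: bytes):
    """Return (offset, raw_name, problems) for each suspicious /Name token."""
    findings = []
    i = 0
    while i < len(data):
        if data[i] != 0x2F:              # not '/': keep looking
            i += 1
            continue
        start = i
        i += 1
        # Consume regular characters until white-space or a delimiter.
        while (i < len(data) and data[i] not in WHITESPACE
               and data[i] not in DELIMITERS):
            i += 1
        name = data[start:i]
        problems = []
        if any(b < 0x21 or b > 0x7E for b in name[1:]):
            problems.append("raw byte outside 0x21-0x7E (should be #xx-escaped)")
        if i < len(data) and data[i] == 0x00:
            problems.append("terminated by NUL: the name token ends here")
        if problems:
            findings.append((start, name, problems))
    return findings

# Constructed samples: object 32 with the damaged key and with the valid key.
BAD_DICT = b"32 0 obj\n<< /Le\x80\x00th 12 /Filter /FlateDecode >>\nstream\n"
GOOD_DICT = b"32 0 obj\n<< /Length 12 /Filter /FlateDecode >>\nstream\n"

if __name__ == "__main__":
    for label, blob in (("bad", BAD_DICT), ("good", GOOD_DICT)):
        for offset, name, problems in scan_names(blob):
            print(label, offset, name, "; ".join(problems))
```

A file that trips this check is likely to fail in the tokenizer or dictionary parser, so it says little about code reached only after the document structure has loaded.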
