On 10/29/2016 12:28 AM, Albert Astals Cid wrote:
El dijous, 27 d’octubre de 2016, a les 15:39:39 CEST, Michael Stahl va
escriure:
hi,

003 is already fixed in our code, for 4 and 5, can we have files that show
those ubsan errors?

* For
0004-Work-around-fsanitize-shift.patch, an input file that shows the error is <https://cgit.freedesktop.org/libreoffice/core/plain/sd/qa/unit/data/pdf/txtpic.pdf?id=acf531be6a423f9b74997b29a8cafe82aa18423c>:

Stream.cc:2975:35: runtime error: left shift of negative value -35
    #0 0x9068c3 in DCTStream::readProgressiveDataUnit(DCTHuffTable*, 
DCTHuffTable*, int*, int*) 
workdir/UnpackedTarball/poppler/poppler/Stream.cc:2975:35
    #1 0x8f2e23 in DCTStream::readScan() 
workdir/UnpackedTarball/poppler/poppler/Stream.cc:2867:13
    #2 0x8eeb9e in DCTStream::reset() 
workdir/UnpackedTarball/poppler/poppler/Stream.cc:2556:7
    #3 0x5b02b9 in pdfi::PngHelper::createPng(std::__debug::vector<unsigned char, 
std::allocator<unsigned char> >&, Stream*, int, int, GfxImageColorMap*, Stream*, 
int, int, GfxImageColorMap*) sdext/source/pdfimport/xpdfwrapper/pnghelper.cxx:253:13
    #4 0x551439 in pdfi::writePng_(std::__debug::vector<unsigned char, 
std::allocator<unsigned char> >&, Stream*, int, int, GfxImageColorMap*, Stream*, 
int, int, GfxImageColorMap*, bool) sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx:365:5
    #5 0x563fe5 in pdfi::PDFOutDev::drawSoftMaskedImage(GfxState*, Object*, 
Stream*, int, int, GfxImageColorMap*, bool, Stream*, int, int, 
GfxImageColorMap*, bool) 
sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx:1066:5
    #6 0x7a67c5 in Gfx::doImage(Object*, Stream*, bool) 
workdir/UnpackedTarball/poppler/poppler/Gfx.cc:4700:7
    #7 0x763746 in Gfx::opXObject(Object*, int) 
workdir/UnpackedTarball/poppler/poppler/Gfx.cc:4207:7
    #8 0x77f7a2 in Gfx::go(bool) 
workdir/UnpackedTarball/poppler/poppler/Gfx.cc:763:7
    #9 0x77f10f in Gfx::display(Object*, bool) 
workdir/UnpackedTarball/poppler/poppler/Gfx.cc:729:3
    #10 0x88b0e6 in Page::displaySlice(OutputDev*, double, double, int, bool, 
bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, 
void*), void*, bool) workdir/UnpackedTarball/poppler/poppler/Page.cc:601:10
    #11 0x88ac46 in Page::display(OutputDev*, double, double, int, bool, bool, 
bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) 
workdir/UnpackedTarball/poppler/poppler/Page.cc:521:3
    #12 0x897596 in PDFDoc::displayPage(OutputDev*, int, double, double, int, 
bool, bool, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) 
workdir/UnpackedTarball/poppler/poppler/PDFDoc.cc:491:20
    #13 0x5dbeb5 in main 
sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx:142:14
    #14 0x7f0074071730 in __libc_start_main (/lib64/libc.so.6+0x20730)
    #15 0x459e48 in _start (instdir/program/xpdfimport+0x459e48)

* For 0005-Avoid-UBSan-warning-about-undefined-downcast.patch, an input file that shows the error is <https://cgit.freedesktop.org/libreoffice/core/plain/xmlsecurity/qa/unit/pdfsigning/data/good.pdf?id=acf531be6a423f9b74997b29a8cafe82aa18423c> (and the error is as given in the patch's commit message).

(In both cases. what the corresponding LibreOffice test code does is call a LibreOffice helper executable instdir/program/xpdfimport, which in turn calls into poppler, with two arguments, the pathname of the respective .pdf input file and instdir/share/xpdfimport/xpdfimport_err.pdf, where the latter is a pre-generated file that is returned upon running into an error, and an empty newline input on stdin, as that xpdfimport process expects a password there in case of encrypted documents.)

we have some patches to build our bundled poppler library in LibreOffice
that may be of general interest, see attachments.

_______________________________________________
poppler mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/poppler

Reply via email to