I guess I have an explanation for the bug and why it is emerging again now and then.
... The memory location 0x80(%rdi) is written only once, which revealed that the libpoppler GlobalParams class constructor did not write it. In fact, the constructor is never called. Instead, the xpdf program brings its own, divergent version of the GlobalParams class, handing that over to libpoppler. Comparing the different definitions (xpdf/GlobalParams.h and poppler/GlobalParams.h) reveals that the xpdf class definition will copy boolean configuration values to that location, which is used by libpoppler to store textEncoding. ...

See http://www.halfdog.net/Security/2012/XpdfCrashAnalysisUbuntuPrecise/ for full analysis.

https://bugs.launchpad.net/bugs/943195
Title: xpdf.real crashed with SIGSEGV in GooHash::hash()
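
The layout mismatch described in the message above, as an added example that is not part of the original report and is not xpdf or poppler code: two constructed, simplified GlobalParams definitions (every member except textEncoding is hypothetical) show how booleans written through one definition are read back as a pointer through the other, and how comparing member offsets exposes the divergence.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Constructed, simplified layouts. Only the class name GlobalParams and the
// member textEncoding come from the report; every other member is hypothetical.
namespace lib_view {                 // definition the library was compiled against
struct GlobalParams {
    void *nameTable;                 // hypothetical
    const char *textEncoding;        // pointer the library later dereferences
    bool enableFlags[sizeof(void *)];    // hypothetical
};
}
namespace app_view {                 // divergent definition compiled into the program
struct GlobalParams {
    void *nameTable;                 // hypothetical
    bool enableFlags[sizeof(void *)];    // lands where the library expects a pointer
    const char *textEncoding;
};
}

// True only if both sides agree on where textEncoding lives and on object size.
bool layouts_agree() {
    return offsetof(lib_view::GlobalParams, textEncoding) ==
               offsetof(app_view::GlobalParams, textEncoding) &&
           sizeof(lib_view::GlobalParams) == sizeof(app_view::GlobalParams);
}

// Fills the object through the program's definition, then returns the bytes
// found at the offset the library uses for textEncoding.
std::uintptr_t pointer_seen_by_library(const char *encoding) {
    app_view::GlobalParams obj;
    std::memset(&obj, 0, sizeof obj);
    obj.textEncoding = encoding;
    for (bool &flag : obj.enableFlags) flag = true;  // program stores its boolean settings

    std::uintptr_t seen = 0;
    const unsigned char *raw = reinterpret_cast<const unsigned char *>(&obj);
    std::memcpy(&seen, raw + offsetof(lib_view::GlobalParams, textEncoding), sizeof seen);
    return seen;  // boolean bytes, not the address stored in obj.textEncoding
}

int main() {
    static const char enc[] = "UTF-8";
    bool mismatch = !layouts_agree() &&
        pointer_seen_by_library(enc) != reinterpret_cast<std::uintptr_t>(enc);
    return mismatch ? 0 : 1;
}
```

Note that the two structs have the same size here, so a size comparison alone would not catch the problem; the member offsets have to be compared.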
