Created attachment 66450
Check for NaN in TextPage::addChar
I don't think this is related to my earlier patch. For me, this pdf
crashes both with and without it. This document is doing very strange
things with the current transformation matrix (CTM) and inline images.
Pages 6 and 15 are filled with lines like this:
q 18 0 0 -1 2782 6350 cm
q BI
<IMAGE DICT>
ID <IMAGE DATA>
EI Q
q 19 0 0 -1 2782 6350 cm
q BI
<IMAGE DICT>
ID <IMAGE DATA>
EI Q
Note the unbalanced q/Q for saving/restoring the graphics state. This
means that the graphics state is not ever being properly restored and
the `cm' operator is scaling the CTM until its components become NaN.
This leads to TextWord::base being NaN. This breaks calculations in
TextPool::addWord, causing wordBaseIdx to be INT_MIN, causing the text
pool to not be initialized to NULLs, which causes a crash when an
invalid pointer is read and dereferenced from the pool.
As a test, adding a call to restoreState() in Gfx::opBeginImage allows
the page to render properly and without crashing. Otherwise, poppler
either crashes or places text in an invalid location.
The attached patch adds a check for NaN to TextPage::addChar and throws
away chars with invalid positions.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/39890
Title:
characters change when selecting text
To manage notifications about this bug go to:
https://bugs.launchpad.net/poppler/+bug/39890/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
