Hi Hanno
Thanks for your bug report. I think the mailing list is the best way to
report issues. It is far from dead and several persons are pretty active
(Thank you guys!).
I forward this to the list. Maybe someone there can have a look.
Regards
Dominik
Am 10.05.2015 10:07 schrieb "Hanno Böck" <ha...@hboeck.de>:
> Hi,
>
> Currently it seems there is no real way to report bugs for podofo (bug
> tracker closed for new bugs and mailing list dead).
>
> So I'm sending this via mail.
>
> The attached file segfault.pdf will (well...) segfault podofopdfinfo.
> Looks like a null pointer access.
>
> The other file will expose a heap overflow in the function
> ReadXRefSubsection. To see this one needs either address sanitizer or
> valgrind.
>
> I have attached both sample files and the output from address sanitizer.
>
> These were found through fuzzing podofo with the tool american fuzzy
> lop.
>
> cu,
> --
> Hanno Böck
> http://hboeck.de/
>
> mail/jabber: ha...@hboeck.de
> GPG: BBB51E42
>
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
