*** This bug is a security vulnerability *** Public security bug reported:
evince crashes while displaying the attached PDF file (around page #79). To reproduce the crash you need to set the following environment variables: MALLOC_CHECK_=3 MALLOC_PERTURB_=117 ProblemType: Crash DistroRelease: Ubuntu 14.10 Package: evince 3.14.0-0ubuntu2 ProcVersionSignature: Ubuntu 3.16.0-18.25-generic 3.16.3 Uname: Linux 3.16.0-18-generic x86_64 ApportVersion: 2.14.7-0ubuntu2 Architecture: amd64 AssertionMessage: *** Error in `evince': free(): invalid pointer: 0x0000000002b5c6d0 *** CurrentDesktop: KDE Date: Wed Oct 1 15:33:51 2014 EcryptfsInUse: Yes ExecutablePath: /usr/bin/evince ProcCmdline: BOOT_IMAGE=/boot/vmlinuz-3.16.0-18-generic root=UUID=749a9901-bdd3-4b5f-b80e-69414667e058 ro quiet splash vt.handoff=7 Signal: 6 SourcePackage: evince StacktraceTop: __libc_message (do_abort=do_abort@entry=3, fmt=fmt@entry=0x7fc5a23b4a40 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:175 malloc_printerr (ptr=<optimized out>, str=0x7fc5a23b0b19 "free(): invalid pointer", action=3) at malloc.c:4996 free_check (mem=<optimized out>, caller=<optimized out>) at hooks.c:298 TextPage::getSelectionText (this=<optimized out>, selection=selection@entry=0x7fc592ed1b80, style=style@entry=selectionStyleGlyph) at TextOutputDev.cc:4762 poppler_page_get_selected_text (page=page@entry=0x20bbb80, style=style@entry=POPPLER_SELECTION_GLYPH, selection=selection@entry=0x7fc592ed1bd0) at poppler-page.cc:824 Title: evince assert failure: *** Error in `evince': free(): invalid pointer: 0x0000000002b5c6d0 *** UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm autopilot cdrom dip fuse libvirtd lpadmin plugdev sambashare staff sudo ** Affects: poppler (Ubuntu) Importance: Undecided Status: Confirmed ** Tags: amd64 apparmor apport-crash gnome3-ppa need-amd64-retrace third-party-packages utopic ** Information type changed from Private Security to Public Security ** Package changed: evince (Ubuntu) => poppler (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1376265 Title: evince assert failure: *** Error in `evince': free(): invalid pointer: 0x0000000002b5c6d0 *** To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1376265/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs