DJVU__filter_fv@IW44EncodeCodec.cpp_499-43___SEGV_UNKNOW.md

djvu

version

djvu Commit-6630c7

description

DjVu is a web-centric format for distributing documents and images. DjVu was created at AT&T Labs-Research and later sold to LizardTech Inc. DjVuLibre is a GPL implementation of DjVu maintained by the original inventors of DjVu.

download link

https://sourceforge.net/p/djvu/djvulibre-git/ci/master/tree/

others

Please send email to teamseri0us360@gmail.com if you have any questions.

DJVU::filter_fv@IW44EncodeCodec.cpp:499-43___SEGV_UNKNOW

description

An issue was discovered in djvu Commit-6630c7. There is a null pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp:499-43.

commandline

c44 @@ /dev/null

source

 495                 while (q<e)
 496                   {
 497                     int a = (q1 ? (int)(*q1) : 0);
 498                     int b = (q3 ? (int)(*q3) : 0);
> 499                    *q += (((a<<3)+a-b+16)>> /*bug=>*/ 5);
 500                     q += scale;
 501                     if (q1) q1 += scale;
 502                     if (q3) q3 += scale;
 503                   }
 504               }

bug report

ASAN:DEADLYSIGNAL
=================================================================
==12685==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f1b5629a823 bp 0x000000000000 sp 0x7fff758cd6f0 T0)
    #0 0x7f1b5629a822 in DJVU::filter_fv(short*, int, int, int, int) /src/djvu/libdjvu/IW44EncodeCodec.cpp:499:43
    #1 0x7f1b5629a822 in DJVU::IW44Image::Transform::Encode::forward(short*, int, int, int, int, int) /src/djvu/libdjvu/IW44EncodeCodec.cpp:609
    #2 0x7f1b5629f550 in DJVU::IW44Image::Map::Encode::create(signed char const*, int, signed char const*, int) /src/djvu/libdjvu/IW44EncodeCodec.cpp:958:7
    #3 0x7f1b562b0f40 in DJVU::IWPixmap::Encode::init(DJVU::GPixmap const&, DJVU::GP<DJVU::GBitmap>, DJVU::IWPixmap::Encode::CRCBMode) /src/djvu/libdjvu/IW44EncodeCodec.cpp:1622:3
    #4 0x7f1b562af4af in DJVU::IW44Image::create_encode(DJVU::GPixmap const&, DJVU::GP<DJVU::GBitmap>, DJVU::IW44Image::CRCBMode) /src/djvu/libdjvu/IW44EncodeCodec.cpp:1563:3
    #5 0x4fa11f in main /src/djvu/tools/c44.cpp:761:16
    #6 0x7f1b54c3482f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
    #7 0x41a778 in _start (/src/aflbuild/installed/bin/c44+0x41a778)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /src/djvu/libdjvu/IW44EncodeCodec.cpp:499:43 in DJVU::filter_fv(short*, int, int, int, int)
==12685==ABORTING

others

from fuzz project pwd-djvu-c44-00
crash name pwd-djvu-c44-00-00000000-20190928.pnm
Auto-generated by pyspider at 2019-09-28 05:14:39

Issue: https://sourceforge.net/p/djvu/bugs/309/