djvu

version

djvu Commit-6630c7

description

DjVu is a web-centric format for distributing documents and images. DjVu was created at AT&T Labs-Research and later sold to LizardTech Inc. DjVuLibre is a GPL implementation of DjVu maintained by the original inventors of DjVu.

download link

https://sourceforge.net/p/djvu/djvulibre-git/ci/master/tree/

others

Please send email to teamseri0us360@gmail.com if you have any questions.

DJVU::filter_fv@IW44EncodeCodec.cpp:499-43___SEGV_UNKNOW

description

An issue was discovered in djvu Commit-6630c7. There is a null pointer dereference in function DJVU::filter_fv at IW44EncodeCodec.cpp:499-43.

commandline

c44 @@ /dev/null

source

 495                 while (q<e)
 496                   {
 497                     int a = (q1 ? (int)(*q1) : 0);
 498                     int b = (q3 ? (int)(*q3) : 0);
> 499                     *q += (((a<<3)+a-b+16)>> /*bug=>*/ 5);
 500                     q += scale;
 501                     if (q1) q1 += scale;
 502                     if (q3) q3 += scale;
 503                   }
 504               }

bug report

ASAN:DEADLYSIGNAL
=================================================================
==12685==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f1b5629a823 bp 0x000000000000 sp 0x7fff758cd6f0 T0)
    #0 0x7f1b5629a822 in DJVU::filter_fv(short*, int, int, int, int) /src/djvu/libdjvu/IW44EncodeCodec.cpp:499:43
    #1 0x7f1b5629a822 in DJVU::IW44Image::Transform::Encode::forward(short*, int, int, int, int, int) /src/djvu/libdjvu/IW44EncodeCodec.cpp:609
    #2 0x7f1b5629f550 in DJVU::IW44Image::Map::Encode::create(signed char const*, int, signed char const*, int) /src/djvu/libdjvu/IW44EncodeCodec.cpp:958:7
    #3 0x7f1b562b0f40 in DJVU::IWPixmap::Encode::init(DJVU::GPixmap const&, DJVU::GP<DJVU::GBitmap>, DJVU::IWPixmap::Encode::CRCBMode) /src/djvu/libdjvu/IW44EncodeCodec.cpp:1622:3
    #4 0x7f1b562af4af in DJVU::IW44Image::create_encode(DJVU::GPixmap const&, DJVU::GP<DJVU::GBitmap>, DJVU::IW44Image::CRCBMode) /src/djvu/libdjvu/IW44EncodeCodec.cpp:1563:3
    #5 0x4fa11f in main /src/djvu/tools/c44.cpp:761:16
    #6 0x7f1b54c3482f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
    #7 0x41a778 in _start (/src/aflbuild/installed/bin/c44+0x41a778)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /src/djvu/libdjvu/IW44EncodeCodec.cpp:499:43 in DJVU::filter_fv(short*, int, int, int, int)
==12685==ABORTING

others

from fuzz project pwd-djvu-c44-00
crash name pwd-djvu-c44-00-00000000-20190928.pnm
Auto-generated by pyspider at 2019-09-28 05:14:39

Issue: https://sourceforge.net/p/djvu/bugs/309/