Hello. While fuzzing htmldoc, I found a SEGV in the file_extension function in file.c:337:29.
test platform:
htmldoc Version 1.9.12 git [master 6898d0a]
OS: Ubuntu 20.04.1 LTS x86_64
kernel: 5.4.0-53-generic
compiler: clang version 10.0.0-4ubuntu1
reproduced:
htmldoc -f demo.pdf poc8.html
poc (zipped for upload): poc8.zip
=================================================================
==38294==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x00000059da5a bp 0x7fff321dba90 sp 0x7fff321d9150 T0)
==38294==The signal is caused by a WRITE memory access.
==38294==Hint: address points to the zero page.
#0 0x59da59 in file_extension /home//htmldoc_sani/htmldoc/file.c:337:29
#1 0x5521fc in pdf_write_links(_IO_FILE*) /home//htmldoc_sani/htmldoc/ps-pdf.cxx:3424:26
#2 0x5521fc in pdf_write_document(unsigned char*, unsigned char*, unsigned char*, unsigned char*, unsigned char*, unsigned char*, tree_str*, tree_str*) /home//htmldoc_sani/htmldoc/ps-pdf.cxx:2295
#3 0x5521fc in pspdf_export /home//htmldoc_sani/htmldoc/ps-pdf.cxx:910
#4 0x53c845 in main /home//htmldoc_sani/htmldoc/htmldoc.cxx:1291:3
#5 0x7f91f2fee0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
#6 0x41f8bd in _start (/home//htmldoc_sani/htmldoc/htmldoc+0x41f8bd)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home//htmldoc_sani/htmldoc/file.c:337:29 in file_extension
==38294==ABORTING
reporter: chiba of topsec alphalab
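Added triage example (not part of the issue above and not htmldoc's own code): a small parser for AddressSanitizer reports of the kind quoted in the report. It extracts the error kind, the access type, the faulting address and the stack frames, builds a deduplication signature from the first project frames, and gives a coarse severity hint. The ASan text embedded below is the report from this issue, copied in as a constructed sample; the frame filtering and the severity heuristic (a SEGV at an address on the zero page is treated as a NULL-pointer dereference) are this example's own assumptions.

```python
"""Triage helper for AddressSanitizer crash reports collected while fuzzing.

Added example; not part of htmldoc or of the original bug report.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed sample: the ASan report quoted in the issue above.
ASAN_REPORT = """\
=================================================================
==38294==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x00000059da5a bp 0x7fff321dba90 sp 0x7fff321d9150 T0)
==38294==The signal is caused by a WRITE memory access.
==38294==Hint: address points to the zero page.
    #0 0x59da59 in file_extension /home//htmldoc_sani/htmldoc/file.c:337:29
    #1 0x5521fc in pdf_write_links(_IO_FILE*) /home//htmldoc_sani/htmldoc/ps-pdf.cxx:3424:26
    #2 0x5521fc in pdf_write_document(unsigned char*, unsigned char*, unsigned char*, unsigned char*, unsigned char*, unsigned char*, tree_str*, tree_str*) /home//htmldoc_sani/htmldoc/ps-pdf.cxx:2295
    #3 0x5521fc in pspdf_export /home//htmldoc_sani/htmldoc/ps-pdf.cxx:910
    #4 0x53c845 in main /home//htmldoc_sani/htmldoc/htmldoc.cxx:1291:3
    #5 0x7f91f2fee0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
    #6 0x41f8bd in _start (/home//htmldoc_sani/htmldoc/htmldoc+0x41f8bd)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home//htmldoc_sani/htmldoc/file.c:337:29 in file_extension
==38294==ABORTING
"""

# Frames that belong to the runtime/sanitizer rather than the program under test
# (assumed prefixes; extend for your own build).
_RUNTIME_FRAMES = ("__libc_start_main", "_start", "__asan", "__interceptor", "__sanitizer")

_ERROR_RE = re.compile(
    r"^==(\d+)==ERROR: AddressSanitizer: (\S+)(?: on (?:unknown )?address (0x[0-9a-fA-F]+))?"
)
_SIGNAL_ACCESS_RE = re.compile(r"The signal is caused by a (READ|WRITE) memory access")
_SIZED_ACCESS_RE = re.compile(r"^(READ|WRITE) of size (\d+) at (0x[0-9a-fA-F]+)")
# "#N 0xADDR in <function, possibly with a C++ signature> <location>"; the location
# is the last whitespace-free token, so the function name may contain spaces.
_FRAME_RE = re.compile(r"^\s*#(\d+)\s+0x[0-9a-fA-F]+\s+in\s+(.*?)\s+(\S+)$")


@dataclass
class Crash:
    pid: int
    kind: str                          # e.g. "SEGV", "heap-buffer-overflow"
    access: Optional[str] = None       # "READ" / "WRITE" when ASan reports it
    address: Optional[int] = None      # faulting address, if any
    frames: List[Tuple[str, str]] = field(default_factory=list)  # (function, location)


def parse_asan_report(text: str) -> Crash:
    """Parse one ASan report into a Crash; raises ValueError if no ERROR line is present."""
    crash: Optional[Crash] = None
    for line in text.splitlines():
        m = _ERROR_RE.match(line)
        if m:
            pid, kind, addr = m.groups()
            crash = Crash(int(pid), kind, address=int(addr, 16) if addr else None)
            continue
        if crash is None:
            continue
        m = _SIGNAL_ACCESS_RE.search(line) or _SIZED_ACCESS_RE.match(line)
        if m:
            crash.access = m.group(1)
            continue
        m = _FRAME_RE.match(line)
        if m:
            _, func, loc = m.groups()
            crash.frames.append((func.split("(")[0], loc))  # drop C++ parameter list
    if crash is None:
        raise ValueError("no AddressSanitizer ERROR line found")
    return crash


def crash_signature(crash: Crash, depth: int = 3) -> str:
    """Dedup key: error kind, access type and the first `depth` non-runtime frames."""
    project = [f for f, _ in crash.frames if not f.startswith(_RUNTIME_FRAMES)]
    return ":".join([crash.kind, crash.access or "?", ">".join(project[:depth])])


def severity_hint(crash: Crash) -> str:
    """Coarse, heuristic classification to order crashes for manual review."""
    if crash.kind == "SEGV" and crash.address is not None and crash.address < 0x1000:
        return "null-deref (likely unchecked NULL pointer; usually a DoS, not a write primitive)"
    if crash.kind == "SEGV":
        return "wild %s (investigate pointer provenance)" % (crash.access or "access").lower()
    return "%s (memory-safety bug; check access size and target)" % crash.kind


if __name__ == "__main__":
    c = parse_asan_report(ASAN_REPORT)
    print(crash_signature(c))
    print(severity_hint(c))
    for func, loc in c.frames:
        print("  %-20s %s" % (func, loc))
```

Run it over a directory of saved ASan logs and group by crash_signature to collapse the many fuzzer inputs that hit the same NULL write in file_extension into one case; the hint only orders the queue, it does not replace reading the code at the reported line.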