Headline
CVE-2022-41844: segmemtation fault at xpdf-4.04/xpdf/AcroForm.cc:538 - forum.xpdfreader.com
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088.
ycdxsb
Posts: 2
Joined: Wed Jul 13, 2022 2:09 am
segmemtation fault at xpdf-4.04/xpdf/AcroForm.cc:538
version:4.04
reproduce: pdftotext poc.pdf
Code: Select all
pwndbg> bt
#0 0x000055555561d7c9 in gAtomicIncrement (counter=<error reading variable: Cannot access memory at address 0x7fffff7feff0>) at /root/xpdf-4.04/goo/GMutex.h:67
#1 0x000055555561d832 in Dict::incRef (this=0x5555557d1960) at /root/xpdf-4.04/xpdf/Dict.h:40
#2 0x000055555568a4d5 in Object::copy (this=0x5555557b7bc8, obj=0x7fffff7ff1b0) at /root/xpdf-4.04/xpdf/Object.cc:93
#3 0x00005555556b2f47 in XRef::fetch (this=0x5555557b74e0, num=233, gen=0, obj=0x7fffff7ff1b0, recursion=0) at /root/xpdf-4.04/xpdf/XRef.cc:1212
#4 0x000055555568a575 in Object::fetch (this=0x5555557cfaf8, xref=0x5555557b74e0, obj=0x7fffff7ff1b0, recursion=0) at /root/xpdf-4.04/xpdf/Object.cc:116
#5 0x000055555561d6b1 in Dict::lookup (this=0x5555557cebb0, key=0x5555556dd841 "Parent", obj=0x7fffff7ff1b0, recursion=0) at /root/xpdf-4.04/xpdf/Dict.cc:125
#6 0x000055555568b126 in Object::dictLookup (this=0x7fffff7ff1c0, key=0x5555556dd841 "Parent", obj=0x7fffff7ff1b0, recursion=0) at /root/xpdf-4.04/xpdf/Object.h:267
#7 0x00005555555fad06 in AcroForm::scanField (this=0x5555557b6b60, fieldRef=0x7fffff7ff250) at /root/xpdf-4.04/xpdf/AcroForm.cc:538
#8 0x00005555555fad9b in AcroForm::scanField (this=0x5555557b6b60, fieldRef=0x7fffff7ff2d0) at /root/xpdf-4.04/xpdf/AcroForm.cc:548
#9 0x00005555555fad9b in AcroForm::scanField (this=0x5555557b6b60, fieldRef=0x7fffff7ff350) at /root/xpdf-4.04/xpdf/AcroForm.cc:548
#10 0x00005555555fad9b in AcroForm::scanField (this=0x5555557b6b60, fieldRef=0x7fffff7ff3d0) at /root/xpdf-4.04/xpdf/AcroForm.cc:548
#11 0x00005555555fad9b in AcroForm::scanField (this=0x5555557b6b60, fieldRef=0x7fffff7ff450) at /root/xpdf-4.04/xpdf/AcroForm.cc:548
#12 0x00005555555fad9b in AcroForm::scanField (this=0x5555557b6b60, fieldRef=0x7fffff7ff4d0) at /root/xpdf-4.04/xpdf/AcroForm.cc:548
#13 0x00005555555fad9b in AcroForm::scanField (this=0x5555557b6b60, fieldRef=0x7fffff7ff550) at /root/xpdf-4.04/xpdf/AcroForm.cc:548
#14 0x00005555555fad9b in AcroForm::scanField (this=0x5555557b6b60, fieldRef=0x7fffff7ff5d0) at /root/xpdf-4.04/xpdf/AcroForm.cc:548
Attachments
poc.pdf.zip
(30.31 KiB) Downloaded 121 times
Related news
Gentoo Linux Security Advisory 202409-25
Gentoo Linux Security Advisory 202409-25 - Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. Versions greater than or equal to 4.05 are affected.