Ubuntu
poppler package

pdftotext crashed with signal 24 in Lexer::lookChar()

Bug #376799 reported by Laurent Bonnaud on 2009-05-15

This bug report is a duplicate of: Bug #450795: trackerd causes the death of pdftotext and odt2txt processes with signal 24. Edit Remove

This bug affects 5 people

Affects		Status	Importance	Assigned to	Milestone
	Poppler	Confirmed	Unknown	freedesktop-bugs #21754
	poppler (Ubuntu)	Triaged	Medium	Ubuntu Desktop Bugs

Bug Description

This crashed occurred while tracker was indexing my homedir. I'm tagging this as a security vulnerability since receiving a PDF file by email is enough to trigger it.

ProblemType: Crash
Architecture: i386
CrashCounter: 1
DistroRelease: Ubuntu 9.04
ExecutablePath: /usr/bin/pdftotext
Package: poppler-utils 0.10.5-1ubuntu2 [modified: usr/bin/pdffonts usr/bin/pdfimages usr/bin/pdfinfo usr/bin/pdftops usr/bin/pdftotext usr/bin/pdftohtml usr/bin/pdftoppm usr/bin/pdftoabw]
ProcCmdline: pdftotext -enc UTF-8 -q -nopgbrk /home/User Name/theses/B.Louvat/References/2001_these_mezouar.pdf -
ProcEnviron:
LC_PAPER=fr_FR.UTF-8
SHELL=/bin/bash
PATH=(custom, user)
LC_COLLATE=C
LANG=en_US.UTF-8
Signal: 24
SourcePackage: poppler
StacktraceTop:
Lexer::lookChar (this=<value optimized out>) at Lexer.cc:148
Lexer::getObj (this=<value optimized out>,
Parser::shift (this=<value optimized out>, objNum=)
Parser::getObj (this=<value optimized out>,
Lexer::lookChar (this=<value optimized out>) at Lexer.cc:148
Title: pdftotext crashed with signal 24 in Lexer::lookChar()
Uname: Linux 2.6.28-12-generic i686
UserGroups: adm admin audio cdrom dialout dip floppy fuse kvm lpadmin plugdev pulse pulse-access pulse-rt scanner staff video

Tags:

Revision history for this message

Laurent Bonnaud (laurent-bonnaud) wrote on 2009-05-15:

CoreDump.gz Edit (462.7 KiB, application/x-gzip)
Dependencies.txt Edit (3.3 KiB, text/plain; charset="utf-8")
ProcMaps.txt Edit (6.7 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (820 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (2.6 KiB, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (955 bytes, text/plain; charset="utf-8")

visibility:

private → public

Revision history for this message

Laurent Bonnaud (laurent-bonnaud) wrote on 2009-05-15:

2001_these_mezouar.pdf Edit (16.2 MiB, application/pdf)

File to reproduce the crash.

Revision history for this message

Laurent Bonnaud (laurent-bonnaud) wrote on 2009-05-15:

Here is the minimal command to reproduce the crash:

pdftotext -q nopgbrk 2001_these_mezouar.pdf

With the "-q nopgbrk" the crash does not happen.

Revision history for this message

Laurent Bonnaud (laurent-bonnaud) wrote on 2009-05-15:

> With the "-q nopgbrk" the crash does not happen.

I mean "Without".

Revision history for this message

Apport retracing service (apport) wrote on 2009-05-15: Stacktrace.txt (retraced)

Stacktrace.txt (retraced) Edit (830 bytes, text/plain)

StacktraceTop:?? ()
?? ()
?? ()
?? ()
?? ()

Revision history for this message

Apport retracing service (apport) wrote on 2009-05-15: ThreadStacktrace.txt (retraced)

ThreadStacktrace.txt (retraced) Edit (857 bytes, text/plain)

tags:	added: apport-failed-retrace
tags:	removed: need-i386-retrace

Revision history for this message

Sebastien Bacher (seb128) wrote on 2009-05-15:

Thank you for your bug report, triggering a local indexer crash by email doesn't mean there is a security issue, that would neither give access to the system nor create any visible effect out of the apport dialog for people enable it

security vulnerability:

yes → no

Revision history for this message

Laurent Bonnaud (laurent-bonnaud) wrote on 2009-05-15: Re: [Bug 376799] Re: pdftotext crashed with signal 24 in Lexer::lookChar()

On Fri, 2009-05-15 at 08:41 +0000, Sebastien Bacher wrote:
>
> Thank you for your bug report, triggering a local indexer crash by
> email
> doesn't mean there is a security issue,

You are right. I am so used to seeing signal 11 in crashes, that I
overlooked the fact that this one is signal 24.

--
Laurent Bonnaud.
http://www.lis.inpg.fr/pages_perso/bonnaud/

Revision history for this message

Laurent Bonnaud (laurent-bonnaud) wrote on 2009-05-15:

The real problem is therefore as follows:

- the command "pdftotext 2001_these_mezouar.pdf " produces a text file that contains no recognizable text

- command line options are irrelevant

Pedro Villavicencio (pedro) on 2009-05-15

Changed in poppler (Ubuntu):
importance:	Undecided → Medium

Revision history for this message

Pedro Villavicencio (pedro) wrote on 2009-05-15:

#10

Those are two different issues, this report is about the pdftotext crashing with that particular pdf (which i cannot reproduce btw), the other part pdftotext not returning readable txt file is another bug, please open a new one about it.

Revision history for this message

Pedro Villavicencio (pedro) wrote on 2009-05-15:

#11

I've sent this upstream at: https://bugs.freedesktop.org/show_bug.cgi?id=21754