Bug ID 1032020
Summary VUL-1: CVE-2017-7381: podofo: four null pointer dereference
Classification openSUSE
Product openSUSE Distribution
Version Leap 42.2
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter mikhail.kasimov@gmail.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

Ref: http://seclists.org/oss-sec/2017/q2/2
============================================
# podofotxtextract $FILE
==23885==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x7f44177e97b7 bp 0x7ffe130bed10 sp 
0x7ffe130beca0 T0)
==23885==The signal is caused by a READ memory access.
==23885==Hint: address points to the zero page.
    #0 0x7f44177e97b6 in PoDoFo::PdfPage::GetFromResources(PoDoFo::PdfName
const&, PoDoFo::PdfName const&) 
/tmp/portage/app-text/podofo-0.9.5/work/podofo-0.9.5/src/doc/PdfPage.cpp:609:23
    #1 0x51dda3 in TextExtractor::ExtractText(PoDoFo::PdfMemDocument*,
PoDoFo::PdfPage*) 
/tmp/portage/app-text/podofo-0.9.5/work/podofo-0.9.5/tools/podofotxtextract/TextExtractor.cpp:98:47
    #2 0x51d021 in TextExtractor::Init(char const*) 
/tmp/portage/app-text/podofo-0.9.5/work/podofo-0.9.5/tools/podofotxtextract/TextExtractor.cpp:48:15
    #3 0x539f6d in main 
/tmp/portage/app-text/podofo-0.9.5/work/podofo-0.9.5/tools/podofotxtextract/podofotxtextract.cpp:52:17
    #4 0x7f441585f6ff in __libc_start_main 
/tmp/portage/sys-libs/glibc-2.23-r3/work/glibc-2.23/csu/../csu/libc-start.c:289
    #5 0x420d48 in _start (/usr/bin/podofotxtextract+0x420d48)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
/tmp/portage/app-text/podofo-0.9.5/work/podofo-0.9.5/src/doc/PdfPage.cpp:609:23
in 
PoDoFo::PdfPage::GetFromResources(PoDoFo::PdfName const&, 
PoDoFo::PdfName const&)
Reproducer:
https://github.com/asarubbo/poc/blob/master/00251-podofo-nullptr2
CVE:
CVE-2017-7381
============================================

You are receiving this mail because: