Bug#861738: [bug report][libpodofo]heap based overflow in ReadXRefStreamEntry

2017-05-04 Thread Mattia Rizzolo
Hi Xiaobo!

On Wed, May 03, 2017 at 06:55:49PM +0800, Xiaobo Xiang wrote:
> I've found a heap based buffer overflow in libpodofo

Thank you for the bug report!

> Please feel free to ask me if you have further questions about this report.

These days I'm running low on spare time, so I'd like you to

Bug#861738: [bug report][libpodofo]heap based overflow in ReadXRefStreamEntry

2017-05-03 Thread Xiaobo Xiang
Package: libpodofo
Version: 0.9.5

[summary]
I've found a heap based buffer overflow in libpodofo using libFuzzer.
PdfXRefStreamParserObject::ReadXRefStreamEntry(src/base/PdfXRefStreamParserObject.cpp:224)

[details]
In function PdfXRefStreamParserObject::ReadXRefTable(), the program gets nW[] array