<div dir="ltr">These seem really useful, provided the tool gives a bit deeper of a stack dump.<div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Dec 16, 2020 at 11:29 AM Albert Astals Cid <<a href="mailto:aacid@kde.org">aacid@kde.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">We recently added fuzzing to the cairo renderer in poppler and we're getting quite some issues like<br>
<br>
==937==ERROR: AddressSanitizer: SEGV on unknown address 0x621ffffffbf1 (pc 0x00000128668c bp 0x7fff021c0130 sp 0x7fff021c0130 T0)<br>
The signal is caused by a READ memory access.<br>
#0 0x128668c in get_unaligned_be16 cairo/src/cairoint.h:254:12<br>
<br>
==16677==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61e000000ab0 at pc 0x000001284abe bp 0x7ffcd2a139c0 sp 0x7ffcd2a139b8<br>
WRITE of size 4 at 0x61e000000ab0 thread T0<br>
#0 0x1284abd in cairo_cff_font_read_fdselect cairo/src/cairo-cff-subset.c:995:35<br>
<br>
==82684==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x000001183711 bp 0x7fff8230a940 sp 0x7fff8230a840 T0)<br>
The signal is caused by a READ memory access.<br>
#0 0x1183711 in cairo_cff_font_subset_charstrings_and_subroutines cairo/src/cairo-cff-subset.c:1792:45<br>
<br>
Anyone interested in the full traces/files to reproduce those issues?<br>
<br>
Cheers,<br>
Albert<br>
<br>
<br>
-- <br>
cairo mailing list<br>
<a href="mailto:cairo@cairographics.org" target="_blank">cairo@cairographics.org</a><br>
<a href="https://lists.cairographics.org/mailman/listinfo/cairo" rel="noreferrer" target="_blank">https://lists.cairographics.org/mailman/listinfo/cairo</a><br>
</blockquote></div>
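<p>A worked example of what a maintainer receiving these reports would do first: parse the sanitizer output, deduplicate crashes by bug class and source location, and order them so that out-of-bounds writes are looked at before wild reads and NULL dereferences. This is an added example written for this page, not code from the thread, from cairo or from poppler; the three excerpts quoted above are used as sample input exactly as posted (no deeper frames were given), and the <code>Finding</code> / <code>triage</code> names and the severity ranking are this example's own choices.</p>

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Sample input: the three AddressSanitizer excerpts quoted in the thread above
# (pids, addresses and frame #0 exactly as posted; no deeper frames were given).
SAMPLE_REPORTS = """\
==937==ERROR: AddressSanitizer: SEGV on unknown address 0x621ffffffbf1 (pc 0x00000128668c bp 0x7fff021c0130 sp 0x7fff021c0130 T0)
The signal is caused by a READ memory access.
#0 0x128668c in get_unaligned_be16 cairo/src/cairoint.h:254:12

==16677==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61e000000ab0 at pc 0x000001284abe bp 0x7ffcd2a139c0 sp 0x7ffcd2a139b8
WRITE of size 4 at 0x61e000000ab0 thread T0
#0 0x1284abd in cairo_cff_font_read_fdselect cairo/src/cairo-cff-subset.c:995:35

==82684==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x000001183711 bp 0x7fff8230a940 sp 0x7fff8230a840 T0)
The signal is caused by a READ memory access.
#0 0x1183711 in cairo_cff_font_subset_charstrings_and_subroutines cairo/src/cairo-cff-subset.c:1792:45
"""

# Report header: "==<pid>==ERROR: AddressSanitizer: <kind> on [unknown ]address 0x..."
HEADER_RE = re.compile(
    r"^==(?P<pid>\d+)==ERROR: AddressSanitizer: (?P<kind>[\w-]+) on (?:unknown )?address (?P<addr>0x[0-9a-fA-F]+)"
)
# Signal-based errors (SEGV) describe the access on the next line ...
SIGNAL_RE = re.compile(r"^The signal is caused by a (?P<access>READ|WRITE) memory access\.")
# ... while instrumented errors (heap-buffer-overflow etc.) also give the access size.
ACCESS_RE = re.compile(r"^(?P<access>READ|WRITE) of size (?P<size>\d+) at 0x[0-9a-fA-F]+")
# Innermost frame, with and without source location (symbolized vs. unsymbolized builds).
FRAME0_SRC_RE = re.compile(r"^#0 0x[0-9a-fA-F]+ in (?P<func>\S+) (?P<file>[^:\s]+):(?P<line>\d+)(?::\d+)?")
FRAME0_ANY_RE = re.compile(r"^#0 0x[0-9a-fA-F]+ in (?P<func>\S+)")


@dataclass
class Finding:
    pid: int
    kind: str                      # e.g. "SEGV", "heap-buffer-overflow"
    address: int                   # faulting address as reported by ASan
    access: Optional[str] = None   # "READ" or "WRITE"
    size: Optional[int] = None     # access size; only reported for instrumented errors
    func: Optional[str] = None     # function in frame #0
    file: Optional[str] = None
    line: Optional[int] = None

    @property
    def dedup_key(self) -> str:
        # Same bug class at the same frame-#0 location counts as one crash.
        return f"{self.kind}|{self.access}|{self.func}|{self.file}:{self.line}"

    @property
    def likely_null_deref(self) -> bool:
        # A SEGV on a page-zero address is a field access through a NULL pointer.
        return self.kind == "SEGV" and self.address < 0x1000

    @property
    def rank(self) -> int:
        # Triage order (this example's own policy): OOB writes, then wild reads, then NULL derefs.
        if self.access == "WRITE":
            return 0
        if self.likely_null_deref:
            return 2
        return 1


def parse_asan_reports(text: str) -> List[Finding]:
    """Return one Finding per '==pid==ERROR: AddressSanitizer:' header in the text."""
    findings: List[Finding] = []
    current: Optional[Finding] = None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER_RE.match(line)
        if m:
            current = Finding(pid=int(m["pid"]), kind=m["kind"], address=int(m["addr"], 16))
            findings.append(current)
            continue
        if current is None:
            continue
        m = SIGNAL_RE.match(line) or ACCESS_RE.match(line)
        if m:
            current.access = m["access"]
            size = m.groupdict().get("size")
            current.size = int(size) if size else None
            continue
        if current.func is None:
            m = FRAME0_SRC_RE.match(line) or FRAME0_ANY_RE.match(line)
            if m:
                groups = m.groupdict()
                current.func = groups["func"]
                current.file = groups.get("file")
                current.line = int(groups["line"]) if groups.get("line") else None
    return findings


def triage(text: str) -> List[dict]:
    """Deduplicate crashes by location and order them by rank; one row per unique crash."""
    buckets: Dict[str, dict] = {}
    for f in parse_asan_reports(text):
        row = buckets.setdefault(f.dedup_key, {"finding": f, "count": 0, "pids": []})
        row["count"] += 1
        row["pids"].append(f.pid)
    return sorted(buckets.values(), key=lambda r: (r["finding"].rank, -r["count"]))


if __name__ == "__main__":
    for row in triage(SAMPLE_REPORTS):
        f = row["finding"]
        print(f"[{f.rank}] {f.kind:<21} {f.access or '?':<5} size={f.size} "
              f"{f.func} ({f.file}:{f.line}) x{row['count']}")
```

<p>The deduplication key is built from frame #0 only because that is all the excerpts contain. That is exactly why a deeper stack dump matters, as the reply above asks for: a crash in a small shared helper such as <code>get_unaligned_be16</code> will be reported under the same key for every caller that feeds it a bad pointer, so distinct bugs collapse into one bucket unless the caller frames are included in the key.</p>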