Date: Sat, 22 Apr 2017 20:03:32 +0800 From: Xiaobo Xiang <xiangxb2112@...il.com> To: Agostino Sarubbo <ago@...too.org> Cc: oss-security@...ts.openwall.com Subject: Re: CVE Request: podofo: stack overflow in PoDoFo::PdfParser::ReadDocumentStructure(PdfParser.cpp) Hello ago, They are two different issues, we could judge them by just checking the call stacks. I have the infinite recursion crash in the pdfpage too but I found your blog post so I ignored it. This is a different issue. Best Regards, Xiang Xiaobo 2017-04-22 19:46 GMT+08:00 Agostino Sarubbo <ago@...too.org>: > On Saturday 22 April 2017 11:02:21 Xiaobo Xiang wrote: > > There is a infinite recursion in > > PoDoFo::PdfParser::ReadDocumentStructure(PdfParser.cpp ) > > In the ReadDocumentStructure function > > I found it too time ago, but since upstream was unresponsive about....I > didn't > investigate, and then I didn't know if it has the same root cause of: > https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in- > podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp/ > > -- > Agostino Sarubbo > Gentoo Linux Developer >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ