제출 #34855: When PCL is converted to PDF in Ghostscript, improper release of objects causes hanging정보

제목	When PCL is converted to PDF in Ghostscript, improper release of objects causes hanging
설명	Project vendor：https://www.ghostscript.com/releases/index.html OS:ubuntu 21.10 Software Version: 9.55.0 POC Link：https://bugs.ghostscript.com/attachment.cgi?id=22323 Command: ./gpcl6 -q -o out.pdf "-sDEVICE=pdfwrite" example.pcl In gsmchunk.c, the chunk_free_object function was suspended due to improper object release ==2125075==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x000000b35e68 bp 0x6310005e5118 sp 0x7fffffffd260 T0) ==2125075==The signal is caused by a READ memory access. ==2125075==Hint: address points to the zero page. #0 0xb35e68 in CMP_SIZE /home/user/ghostpdl-9.55.0/./base/gsmchunk.c:423:12 #1 0xb35e68 in remove_free_size /home/user/ghostpdl-9.55.0/./base/gsmchunk.c:696:13 #2 0xb35e68 in chunk_free_object /home/user/ghostpdl-9.55.0/./base/gsmchunk.c:1244:13 #3 0x2adfedd in free_pjl_environment /home/user/ghostpdl-9.55.0/./pcl/pl/pjparse.c:1733:9 #4 0x2adfedd in pjl_set_init_from_defaults /home/user/ghostpdl-9.55.0/./pcl/pl/pjparse.c:1189:16 #5 0x2be7e9b in revert_to_pjli /home/user/ghostpdl-9.55.0/./pcl/pl/plmain.c:391:12 #6 0x2be7e9b in pl_main_run_file_utf8 /home/user/ghostpdl-9.55.0/./pcl/pl/plmain.c:1026:13 #7 0x2be2f28 in pl_main_process_options /home/user/ghostpdl-9.55.0/./pcl/pl/plmain.c:2875:24 #8 0x2be2f28 in pl_main_init_with_args /home/user/ghostpdl-9.55.0/./pcl/pl/plmain.c:327:12 #9 0x2bdee93 in main /home/user/ghostpdl-9.55.0/./pcl/pl/realmain.c:35:12 #10 0x7ffff798ffcf in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16 #11 0x7ffff799007c in __libc_start_main csu/../csu/libc-start.c:409:3 #12 0x51b994 in _start (/home/user/ghostpdl/bin/gpcl6+0x51b994) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/user/ghostpdl-9.55.0/./base/gsmchunk.c:423:12 in CMP_SIZE ==2125075==ABORTING Private report link ： https://bugs.ghostscript.com/show_bug.cgi?id=705156 Status: RESOLVED FIXED https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e1134d375e2c https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2dbc87e52c59
원천	⚠️ https://bugs.ghostscript.com/show_bug.cgi?id=705156
사용자	patchkey (UID 25647)
제출	2022. 04. 14. AM 04:40 (4 연령 ago)
모더레이션	2022. 04. 14. AM 07:18 (3 hours later)
상태	수락
VulDB 항목	197290 [GhostPCL 9.55.0 gsmchunk.c chunk_free_object 메모리 손상]
포인트들	17

◂ 이전 개요 다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!