| Title | ArtifexSoftware GhostPDL 3989415a5b8e99b9d1b87cc9902bde9b7cdea145 NULL Pointer Dereference |
|---|
| Description | We recently identified a bug in the latest version of the GhostPDL project. In devices/vector/gdevpdf.c, a null pointer dereference exception is triggered on line 2912, in the pdf_ferrorfunction. The cause appears to originate from the pdf_open function on line 2003, where the presence of a parent device causes the code to skip file initialization, leaving pdev->file as null. Later, pdf_ferror unconditionally calls gp_fflush(pdev->file) without checking for null, inducing the crash. The below reference lines may be helpful:
https://github.com/ArtifexSoftware/ghostpdl/blob/22ba380480b6afe32331bc7ce918c2123fb89ae3/devices/vector/gdevpdf.c#L2912
https://github.com/ArtifexSoftware/ghostpdl/blob/22ba380480b6afe32331bc7ce918c2123fb89ae3/devices/vector/gdevpdf.c#L2003
The team has already fixed this issue in this commit: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=619a106ba4c4 |
|---|
| User | CyberGym (UID 87553) |
|---|
| Submission | 07/06/2025 20:14 (11 months ago) |
|---|
| Moderation | 07/11/2025 13:29 (5 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 316113 [Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145 New Output File Open Error devices/vector/gdevpdf.c pdf_ferror null pointer dereference] |
|---|
| Points | 17 |
|---|