#311 DJVU::GMonitor::enter@GThreads.cpp:512-7___SEGV_UNKNOW

[pwd]

djvu

version

djvu Commit-6630c7

description

DjVu is a web-centric format for distributing documents and images. DjVu was created at AT&T Labs-Research and later sold to LizardTech Inc. DjVuLibre is a GPL implementation of DjVu maintained by the original inventors of DjVu.

download link

https://sourceforge.net/p/djvu/djvulibre-git/ci/master/tree/

others

please send email to  teamseri0us360@gmail.com if you have any questions.

---

DJVU::GMonitor::enter@GThreads.cpp:512-7___SEGV_UNKNOW

description

An issue was discovered in djvu Commit-6630c7, There is a/an SEGV_UNKNOW in function DJVU::GMonitor::enter at GThreads.cpp:512-7

commandline

djvm -c doc.djvu @@

source

 508 void 
 509 GMonitor::enter()
 510 {
 511   pthread_t self = pthread_self();
> 512   if (count>0 || !pthread_equal(locker, self))
 513     {
 514       if (ok)
 515         pthread_mutex_lock(&mutex);
 516       locker = self;
 517       count = 1;

//gdb-peda$ p locker
//Cannot access memory at address 0x18

bug report

[1-11705] Corrupted decoder input.
ASAN:DEADLYSIGNAL
=================================================================
==10725==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000014 (pc 0x7fb748e3806c bp 0x7fffecc7f4f0 sp 0x7fffecc7ee50 T0)
    #0 0x7fb748e3806b in DJVU::GMonitor::enter() /src/djvu/libdjvu/GThreads.cpp:512:7
    #1 0x7fb748ceb4bf in DJVU::GCriticalSection::lock() /src/djvu/libdjvu/./GThreads.h:436:7
    #2 0x7fb748ceb4bf in DJVU::GCriticalSectionLock::GCriticalSectionLock(DJVU::GCriticalSection*) /src/djvu/libdjvu/./GThreads.h:462
    #3 0x7fb748ceb4bf in DJVU::DjVuNavDir::get_pages_num() const /src/djvu/libdjvu/DjVuNavDir.cpp:153
    #4 0x7fb748c3b4da in DJVU::DjVuDocument::get_djvm_doc() /src/djvu/libdjvu/DjVuDocument.cpp:1723:40
    #5 0x7fb748c3d0e3 in DJVU::DjVuDocument::write(DJVU::GP<DJVU::ByteStream> const&, DJVU::GMap<DJVU::GUTF8String, void*> const&) /src/djvu/libdjvu/DjVuDocument.cpp:1767:3
    #6 0x7fb748bdf34e in DJVU::DjVuDocEditor::insert_group(DJVU::GList<DJVU::GURL> const&, int, void (*)(void*), void*) /src/djvu/libdjvu/DjVuDocEditor.cpp:825:11
    #7 0x4f03ff in create(DJVU::GArray<DJVU::GUTF8String>&) /src/djvu/tools/djvm.cpp:195:4
    #8 0x4f03ff in main /src/djvu/tools/djvm.cpp:303
    #9 0x7fb74781282f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
    #10 0x41a478 in _start (/src/aflbuild/installed/bin/djvm+0x41a478)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /src/djvu/libdjvu/GThreads.cpp:512:7 in DJVU::GMonitor::enter()
==10725==ABORTING

others

from fuzz project pwd-djvu-djvm-01
crash name pwd-djvu-djvm-01-00000002-20190927.djvu
Auto-generated by pyspider at 2019-09-27 09:02:06

please send email to  teamseri0us360@gmail.com if you have any questions.