This is a typical bug with a one-liner patch =)
Reproducible: Always
Steps to Reproduce:
1. htmldoc -f my.pdf *.html
Actual Results: SEGFAULT
Expected Results: PDF should be created
Created attachment 151059: render_contents() patch
Thanks for your report, but have you tried contacting the upstream developers first? They should directly fix their code, so every distro benefits from the fix, instead of just patching the Gentoo version.
No, I haven't contacted the upstream developers, can you please try it?
Hmm, to use their bug report system you need to be registered :/ Carlo, as the maintainer, do you have an account by any chance?
Have you managed to succeed in your attempts to contact upstream? Is there any minimal test case available that reproduces the issue? Thanks!
So did anyone contact upstream yet? Carlo? Marek, do you have a testcase for this?
It is my understanding that exploitation of this error would not allow execution of arbitrary code, due to the fact that the buffer is just read over its boundaries, but not accessed with a write operation. Since we do not treat user-assisted DoS in user applications as security issues, I will reassign this bug to the maintainer. Marek, could you please attach the file that caused the segfault, or mail it to security@g.o? Plus, I have contacted upstream.
upstream bug: http://www.htmldoc.org/str.php?L183
This bug should hit your eye; you don't really need any test case, nor a patch from the author. Function render_contents() doesn't check the number of headings, it naively tries to read an index out of bounds, then crashes. With my patch, it checks the bounds before reading. Every programmer must recognize this is extremely obvious. I couldn't believe my patch hasn't been accepted yet. Now, I cannot be more helpful, since I already deleted that ebook (testcase).
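The missing check described in the comment above, shown as an added illustration in constructed C; this is neither the reporter's attachment nor htmldoc's own render_contents(). The heading table, its count and the [first, last] index range are hypothetical stand-ins for the real structures, and the output format is invented for the example.

```c
#include <stdio.h>
#include <string.h>
/* Constructed stand-in for a document's heading table; not htmldoc's real types. */
typedef struct {
    int level;        /* 1 = chapter, 2 = section */
    const char *title;
} heading_t;
enum { TOC_LINE = 64, TOC_CAP = 8 };

/* Shape of the defect the report describes: the [first, last] range is trusted and
 * num_headings is never consulted, so a `last` at or past num_headings reads off the
 * end of the array (undefined behaviour, a segfault once the read reaches an unmapped
 * page). For comparison only; never called. */
int render_contents_unchecked(const heading_t *h, int num_headings,
                              int first, int last, char out[][TOC_LINE])
{
    int n = 0;
    for (int i = first; i <= last; i++) /* reads h[i] even when i >= num_headings */
        snprintf(out[n++], TOC_LINE, "%*s%s", 2 * h[i].level, "", h[i].title);
    return n;
}

/* Hardened form: validate the range against num_headings and the output capacity
 * before any read. Returns the number of TOC lines written, or -1 for a bad `first`. */
int render_contents(const heading_t *h, int num_headings,
                    int first, int last, char out[][TOC_LINE], int out_cap)
{
    if (h == NULL || first < 0 || first >= num_headings)
        return -1;
    if (last >= num_headings)           /* clamp instead of trusting the caller */
        last = num_headings - 1;
    int n = 0;
    for (int i = first; i <= last && n < out_cap; i++)
        snprintf(out[n++], TOC_LINE, "%*s%s", 2 * h[i].level, "", h[i].title);
    return n;
}

/* Constructed sample: one chapter with two sections, rendered into a shared buffer. */
static const heading_t sample_headings[] = {{1, "Introduction"}, {2, "Scope"}, {2, "Conventions"}};
char sample_toc[TOC_CAP][TOC_LINE];
int render_sample_contents(int first, int last)
{ return render_contents(sample_headings, 3, first, last, sample_toc, TOC_CAP); }

int main(void)
{
    int n = render_sample_contents(0, 10); /* last=10 would overrun the 3-entry table */
    for (int i = 0; i < n; i++)
        puts(sample_toc[i]);
    return n == 3 ? 0 : 1;
}
```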
This bug has been resolved upstream, but not within Gentoo. Upstream accepted the patch; it can be found in revision 1579 at http://svn.easysw.com/public/htmldoc/
+*htmldoc-1.8.27-r3 (11 Feb 2012) + + 11 Feb 2012; Pacho Ramos <pacho@gentoo.org> +files/htmldoc-1.8.27-crash.patch, + +htmldoc-1.8.27-r3.ebuild: + Fix crash, bug #219373 by Marek Cruz. + Arches, please test and mark it stable
scanelf shows the following missing dependencies.
sys-libs/zlib-1.2.5-r2
x11-libs/libXpm-3.5.9
(In reply to comment #12)
> scanelf shows the following missing dependencies.
>
> sys-libs/zlib-1.2.5-r2
> x11-libs/libXpm-3.5.9
Apart from this, amd64 is ok.
amd64 stable
Stable for HPPA.
x86 stable
Stable on alpha.
ia64/sparc stable
ppc done
+ 06 May 2012; Kacper Kowalik <xarthisius@gentoo.org> -htmldoc-1.8.27-r2.ebuild, + htmldoc-1.8.27-r3.ebuild: + ppc64 stable wrt #219373, drop old