[bug #67295] [gropdf] warnings from Perl on corrupted font file

Wed, 09 Jul 2025 02:57:21 -0700 

URL:
  <https://savannah.gnu.org/bugs/?67295>

                 Summary: [gropdf] warnings from Perl on corrupted font file
                   Group: GNU roff
               Submitter: gbranden
               Submitted: Wed 09 Jul 2025 09:56:52 AM GMT
                Category: Driver gropdf
                Severity: 3 - Normal
              Item Group: Warning/Suspicious behaviour
                  Status: None
                 Privacy: Public
             Assigned to: deri
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None


    _______________________________________________________

Follow-up Comments:


-------------------------------------------------------
Date: Wed 09 Jul 2025 09:56:52 AM GMT By: G. Branden Robinson <gbranden>
Hi Deri,

I managed to find some more land mines.  I hand-edited a PFB and created some
excitement for _gropdf_.


Use of uninitialized value in subroutine entry at
/home/branden/src/GIT/groff/build/gropdf line 776.
Use of uninitialized value in subroutine entry at
/home/branden/src/GIT/groff/build/gropdf line 776.
Use of uninitialized value $body in substr at
/home/branden/src/GIT/groff/build/gropdf line 777.
substr outside of string at /home/branden/src/GIT/groff/build/gropdf line
777.
Use of uninitialized value $body in pattern match (m//) at
/home/branden/src/GIT/groff/build/gropdf line 778.
gropdf: warning: Unable to parse font 'Symbol-Slanted' for subsetting
Use of uninitialized value $body in concatenation (.) or string at
/home/branden/src/GIT/groff/build/gropdf line 859.
Use of uninitialized value $tail in concatenation (.) or string at
/home/branden/src/GIT/groff/build/gropdf line 859.


Here are the code neighborhoods in question.


$ nl -ba ./build/gropdf | sed -n '776,778p;859p'
   776              my
$b=($gotinline)?decrypt_exec_C($body,$l):decrypt_exec_P(\$body,$l);
   777              $body=substr($body,$lenIV);
   778              $body=~m/begin([\r\n]+)/;
   859              $obj[$fobj]->{STREAM}=$head.$body.$tail;


My guess is that the scalar `body` needs to be validated before use.







    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?67295>

_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/

Attachment: signature.asc
Description: PGP signature

Reply via email to