Bug 501716

Summary: latest poppler security fix breaks compatibility with Xerox WorkCentre generated pdf documents
Product: Red Hat Enterprise Linux 5 Reporter: Tuomo Soini <tis>
Component: popplerAssignee: Marek Kašík <mkasik>
Status: CLOSED ERRATA QA Contact: Desktop QE <desktop-qa-list>
Severity: high Docs Contact:
Priority: urgent    
Version: 5.3CC: herrold, huzaifas, jplans, jrb, llim, tao, theo_nra, tpelka
Target Milestone: rcKeywords: Regression, ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 575136 (view as bug list) Environment:
Last Closed: 2012-02-21 06:11:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 499522, 528146, 528147, 575136    
Attachments:
Description Flags
Sample pdf generated by xerox workcentre
none
more work done to the segment dict
none
a patch fixing reading of arithmetically encoded JBIG2 images with unknown length none

Description Tuomo Soini 2009-05-20 13:28:02 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Tuomo Soini 2009-05-20 13:31:44 UTC
poppler security fix version 0.5.4-4.4.el5_3.9 makes evince incapable in showing pdf documents generated by Xerox WorkCentre scanner.

previous version of poppler could show documents just fine.

Please fix this regression.

btw. fc10 poppler can handle these same files just fine.

Comment 2 Tuomo Soini 2009-05-20 13:33:19 UTC
Created attachment 344803 [details]
Sample pdf generated by xerox workcentre

Comment 7 Adam Stokes 2009-08-17 17:27:28 UTC
Created attachment 357677 [details]
more work done to the segment dict

Comment 8 Adam Stokes 2009-08-17 17:28:22 UTC
Im thinking the CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.patch was incomplete and I have created an additional patch based off poppler-0.5.4-8 in order to fix this bug.

Thanks,
Adam

Comment 10 Tuomo Soini 2009-08-18 11:47:37 UTC
Your additional patch doesn't apply rhel-5.3 poppler so I couldn't test it.

Comment 11 Adam Stokes 2009-08-18 13:27:03 UTC
If I got you some test packages would you be willing to test it?

Thanks,
Adam

Comment 12 Tuomo Soini 2009-08-18 14:29:39 UTC
Yes, of course. That's why I commented.

Comment 13 Adam Stokes 2009-08-18 14:37:28 UTC
Tuomo,

Here you go:

http://astokes.fedorapeople.org/rhbz501716/

I've provided the srpm as well if you wish to make anymore modifications to the patch or if you need to build for another arch.

Thanks,
Adam

Comment 16 Tuomo Soini 2009-08-20 05:45:57 UTC
Seems like test packages really do fix this issue. I was able to open my scanned documents without problems.

Comment 17 Adam Stokes 2009-08-20 13:40:57 UTC
Sounds good, I'll be in contact with the engineer to get this properly ack'd so it can make it into an update.

Thanks,
Adam

Comment 19 Christopher Aillon 2009-09-09 22:37:17 UTC
Marek, since you did the last few updates, can you look into this?

Comment 22 Marek Kašík 2009-09-18 10:22:42 UTC
Created attachment 361622 [details]
a patch fixing reading of arithmetically encoded JBIG2 images with unknown length

The problem here is that poppler doesn't read arithmetically encoded JBIG2 images
correctly. The pdf has generic region segment with length 0xffffffff which signals that actual length is not known and that there is a termination sequence at the end of the segment + 4 bytes long row count. The row count is not read as a part of this segment and poppler handles these 4 bytes as a beginning of a new segment. But the new segment has only 4 bytes, so, further reading raises EOF error.

Attached patch fixes this.

Marek

Comment 23 Tuomo Soini 2009-09-18 16:34:10 UTC
Marek, yes your fix seen to solve this problem. I applied that patch over latest rhel poppler and not it works for me.

Comment 36 errata-xmlrpc 2012-02-21 06:11:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0236.html