Bug 699661

Summary: pdf14 garbage collection memory corruption
Product: Ghostscript Reporter: Tavis Ormandy <taviso>
Component: Security (public)Assignee: Chris Liddell (chrisl) <chris.liddell>
Status: NOTIFIED FIXED    
Severity: major CC: cbuissar, deekej, dr, jsmeix, scorneli, till.kamppeter
Priority: P2    
Version: unspecified   
Hardware: PC   
OS: Linux   
Customer: 501,641 Word Size: ---

Description Tavis Ormandy 2018-08-21 18:59:30 UTC 
This issue was found by fuzzing, here is a minimal testcase:

{ null .load_tt_font_stripped } stopped {} if
b5
3
.pushpdf14devicefilter
null
null
gssetresolution
quit
Comment 1 Chris Liddell (chrisl) 2018-08-23 17:22:57 UTC 
Fixed in:

http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=c432131c3f