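Source: https://github.com/antonio-morales/Fuzzing101
Thanks to my mentor I found a great repo, so I decided to study it. I've become really interested in fuzzing lately, but I had been wondering how to start and what to do first... so I'm very grateful. I think my mentor actually wanted me to do exercise 10, but since I'm doing this anyway, I'm going to work through it step by step starting from exercise 1. (Excited!)
Fuzzing Xpdf with AFL++
- Target: Xpdf PDF viewer
- Goal: CVE-2019-13288
- Environment: ubuntu-20.04.3 x86-64
1. Download and build the target
(1) Create the directory and install build-essential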
cd $HOME
mkdir fuzzing_xpdf && cd fuzzing_xpdf/
sudo apt install build-essential
(2) Download Xpdf 3.02
wget https://dl.xpdfreader.com/old/xpdf-3.02.tar.gz
tar -xvzf xpdf-3.02.tar.gz
(3) Build Xpdf 3.02
cd xpdf-3.02
sudo apt update && sudo apt install -y build-essential gcc
./configure --prefix="$HOME/fuzzing_xpdf/install/"
make
make install
(4) Test that the build works
Download sample PDFs
cd $HOME/fuzzing_xpdf
mkdir pdf_examples && cd pdf_examples
wget https://github.com/mozilla/pdf.js-sample-files/raw/master/helloworld.pdf
wget http://www.africau.edu/images/default/sample.pdf
wget https://www.melbpc.org.au/wp-content/uploads/2017/10/small-example-pdf-file.pdf
Test
$HOME/fuzzing_xpdf/install/bin/pdfinfo -box -meta $HOME/fuzzing_xpdf/pdf_examples/helloworld.pdf
2. AFL++
(1) Install dependencies
sudo apt update -y
sudo apt install -y build-essential python3-dev automake git flex bison libglib2.0-dev libpixman-1-dev python3-setuptools
sudo apt install -y lld-11 llvm-11 llvm-11-dev clang-11 || sudo apt-get install -y lld llvm llvm-dev clang
sudo apt install -y gcc-$(gcc --version|head -n1|sed 's/.* //'|sed 's/\..*//')-plugin-dev libstdc++-$(gcc --version|head -n1|sed 's/.* //'|sed 's/\..*//')-dev
(2) Build
cd $HOME
git clone https://github.com/AFLplusplus/AFLplusplus && cd AFLplusplus
export LLVM_CONFIG="llvm-config-11"
make distrib
sudo make install
If the installation succeeded, running the afl-fuzz command prints its usage.
(3) Recompile Xpdf with the AFL compiler
rm -r $HOME/fuzzing_xpdf/install
cd $HOME/fuzzing_xpdf/xpdf-3.02/
make clean
Swap the compiler, then build
export LLVM_CONFIG="llvm-config-11"
CC=$HOME/AFLplusplus/afl-clang-fast CXX=$HOME/AFLplusplus/afl-clang-fast++ ./configure --prefix="$HOME/fuzzing_xpdf/install/"
make
make install
Xpdf is built with the afl-clang-fast compiler.
3. Using AFL++
afl-fuzz -i $HOME/fuzzing_xpdf/pdf_examples/ -o $HOME/fuzzing_xpdf/out/ -s 123 -- $HOME/fuzzing_xpdf/install/bin/pdftotext @@ $HOME/fuzzing_xpdf/output
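- -i option: the directory that holds the input cases
- -o option: the directory where AFL++ stores the mutated files
- -s option: static random seed
- @@: used when the target program takes a file as input
The static random seed is set to 123 because AFL uses a non-deterministic testing algorithm, so the results are not always the same. That is why a fixed seed of 123 is used.
(This makes the fuzzing results similar to those of Fuzzing101, so the result is reached more easily and quickly.)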
4. Results
"saved crashes" is the same as "unique crashes". The crashes are stored under the directory given with the -o option.
Passing that file to pdftotext as an argument just produces a segfault. To find out why it segfaults, I rebuilt Xpdf with AddressSanitizer and ran it again.
CC=$HOME/AFLplusplus/afl-clang-fast \
CXX=$HOME/AFLplusplus/afl-clang-fast++ \
CFLAGS="-fsanitize=address" \
CXXFLAGS="-fsanitize=address" \
./configure --prefix="$HOME/fuzzing_xpdf/install/" --with-freetype2-includes=/usr/include/freetype2
I added the --with-freetype2-includes=/usr/include/freetype2 option because configure suddenly failed with a freetype-related error, and then I (suddenly;;) hit yet another error, which I resolved by googling and also running the command below.
sudo apt-get install libfreetype6-dev libmotif-dev libxt-dev
After rebuilding and running it again, you can see that ASan caught a stack overflow, as shown below.
For reference, the ASan log can be seen below.
Warning: very hard to read...
jir4vvit@ubuntu:~/fuzzing_xpdf$ ./install/bin/pdftotext ./out/default/crashes/id:000000,sig:11,src:001562,time:576649,execs:216725,op:havoc,rep:8 ./o
Error: May not be a PDF file (continuing anyway)
Error: PDF file is damaged - attempting to reconstruct xref table...
Error: Missing 'endstream'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==336956==ERROR: AddressSanitizer: stack-overflow on address 0x7ffd6d5eaff0 (pc 0x7f4bab4d4978 bp 0x6030000d7fd0 sp 0x7ffd6d5eafe0 T0)
#0 0x7f4bab4d4977 (/lib/x86_64-linux-gnu/libasan.so.5+0x12e977)
#1 0x7f4bab4d460b (/lib/x86_64-linux-gnu/libasan.so.5+0x12e60b)
#2 0x7f4bab3d2141 (/lib/x86_64-linux-gnu/libasan.so.5+0x2c141)
#3 0x7f4bab3ce7dc (/lib/x86_64-linux-gnu/libasan.so.5+0x287dc)
#4 0x7f4bab4b5905 in operator new(unsigned long) (/lib/x86_64-linux-gnu/libasan.so.5+0x10f905)
#5 0x5627df0db4b5 in Lexer::Lexer(XRef*, Stream*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Lexer.cc:53
#6 0x5627df3353a6 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:809
#7 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#8 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#9 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#10 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#11 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#12 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#13 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#14 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#15 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#16 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#17 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#18 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#233 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#234 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#235 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#236 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#237 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#238 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#239 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#240 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#241 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#242 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#243 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#244 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#245 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#246 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#247 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#248 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#249 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#250 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#251 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#252 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#253 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#254 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#255 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#256 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#257 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#258 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#259 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#260 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#261 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#262 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#263 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#264 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#265 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#266 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#267 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#268 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#269 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#270 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#271 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#272 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#273 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#274 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#275 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#276 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#277 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#278 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#279 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#280 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#281 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#282 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#283 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#284 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#285 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#286 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#287 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#288 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#289 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#290 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#291 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#292 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#293 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#294 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#295 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#296 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#297 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#298 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#299 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#300 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#301 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#302 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#303 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#304 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#305 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#306 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#307 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#308 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#309 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#310 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#311 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#312 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#313 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#314 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#315 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#316 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#317 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#318 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#319 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#320 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#321 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#322 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#323 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#324 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#325 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
#326 0x5627df336c00 in XRef::fetch(int, int, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/XRef.cc:823
#327 0x5627df13e80f in Object::dictLookup(char*, Object*) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Object.h:253
#328 0x5627df13e80f in Parser::makeStream(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:156
#329 0x5627df14a983 in Parser::getObj(Object*, unsigned char*, CryptAlgorithm, int, int, int) /home/jir4vvit/fuzzing_xpdf/xpdf-3.02/xpdf/Parser.cc:94
SUMMARY: AddressSanitizer: stack-overflow (/lib/x86_64-linux-gnu/libasan.so.5+0x12e977)
==336956==ABORTING
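The trace shows Parser::getObj, Parser::makeStream, Object::dictLookup and XRef::fetch repeating over and over, and at the very end, after Lexer::Lexer, a stack overflow occurs while something is being allocated with new.
The key point here is that getObj was called recursively without end.
Thinking about it in basic terms, every function called in a program allocates a stack frame on the stack.
If a function is called recursively too many times, stack memory is exhausted, and this is said to lead to a program crash.
Apparently you can also examine this by debugging with gdb, but personally I did not bother with dynamic debugging, because reading the ASan log and looking directly at the source code makes the infinite recursion easy to spot.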
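The call cycle visible in the trace (getObj → makeStream → dictLookup → fetch → getObj), reduced to a small C model with a depth guard. This is an added example, not code from Xpdf or from the original post; the `Obj` struct, the function names, `MAX_DEPTH` and the sample tables are assumptions made for illustration.

```c
#include <stdio.h>

#define MAX_DEPTH 100        /* assumed recursion limit for this sketch */
#define ERR_RECURSION (-1)   /* returned when the limit is hit */

/* Constructed model: each object is reduced to the one dictionary entry
 * that makeStream looks up, either a literal or an indirect reference. */
typedef struct {
    int is_ref;   /* 1: 'value' is an object number that must be fetched */
    int value;    /* literal value, or the referenced object number */
} Obj;

static int max_depth_seen;   /* deepest nesting reached in the last call */
static int get_obj(const Obj *xref, int n, int num, int depth);

/* Models XRef::fetch: resolving a reference parses the target object. */
static int fetch(const Obj *xref, int n, int num, int depth) {
    if (num < 0 || num >= n) return 0;   /* unknown object: treat as null */
    return get_obj(xref, n, num, depth);
}

/* Models Parser::makeStream + Object::dictLookup: an indirect entry is
 * resolved through fetch, which re-enters the parser. */
static int make_stream(const Obj *xref, int n, int num, int depth) {
    const Obj *o = &xref[num];
    return o->is_ref ? fetch(xref, n, o->value, depth) : o->value;
}

/* Models Parser::getObj. Each level costs stack frames, so a reference
 * cycle only terminates if the depth is checked before descending. */
static int get_obj(const Obj *xref, int n, int num, int depth) {
    if (depth > max_depth_seen) max_depth_seen = depth;
    if (depth >= MAX_DEPTH) return ERR_RECURSION;   /* the guard */
    return make_stream(xref, n, num, depth + 1);
}

/* Resolve object 'num'; returns its value, 0, or ERR_RECURSION. */
int resolve(const Obj *xref, int n, int num) {
    max_depth_seen = 0;
    return fetch(xref, n, num, 0);
}

int last_max_depth(void) { return max_depth_seen; }

/* Constructed inputs: a well-formed chain and a self-referencing object. */
const Obj XREF_OK[]    = { {1, 1}, {0, 42} };   /* obj 0 -> obj 1 -> 42 */
const Obj XREF_CYCLE[] = { {1, 0} };            /* obj 0 -> obj 0 -> ... */

int main(void) {
    int r = resolve(XREF_CYCLE, 1, 0);
    printf("chain: %d\n", resolve(XREF_OK, 2, 0));
    printf("cycle: %d\n", r);
    return 0;
}
```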
gdb -q --args ./install/bin/pdftotext ./out/default/crashes/id:000000,sig:11,src:
pwngdb> r