CVE-2019-14934

An issue was discovered in PDFResurrect before 0.18. pdfloadpages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.

References

Affected packages

Git / github.com/enferex/pdfresurrect

Affected ranges

Type: GIT
Repo: https://github.com/enferex/pdfresurrect
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

0c4120fffa3dffe97b95c486a120eded82afe8a6

Affected versions

v0.*

v0.12

v0.13

v0.14

v0.15

v0.16

v0.17

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6",
        "target": {
            "function": "pdf_new",
            "file": "pdf.c"
        },
        "digest": {
            "function_hash": "256762083501416603035630189130717321116",
            "length": 411.0
        },
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "id": "CVE-2019-14934-15db9f66"
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6",
        "target": {
            "file": "main.h"
        },
        "digest": {
            "line_hashes": [
                "77550204864934512861691379411606033135"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "signature_type": "Line",
        "signature_version": "v1",
        "id": "CVE-2019-14934-2510bbcd"
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6",
        "target": {
            "function": "load_xref_from_plaintext",
            "file": "pdf.c"
        },
        "digest": {
            "function_hash": "48934365315674630234225596062129451311",
            "length": 1706.0
        },
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "id": "CVE-2019-14934-6bca77a9"
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6",
        "target": {
            "function": "get_object",
            "file": "pdf.c"
        },
        "digest": {
            "function_hash": "58635718599131693217587185458041454427",
            "length": 1324.0
        },
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "id": "CVE-2019-14934-79add9eb"
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6",
        "target": {
            "file": "main.c"
        },
        "digest": {
            "line_hashes": [
                "8453129989799462549625768825652279104",
                "99530902912696310155202760077583412971",
                "263789281847861437657419263367130839764",
                "40093693050038650973610115055865087694",
                "195762686309494098847226134441540771337",
                "213733784580435541426190752691248932044",
                "271437894462184597772681304616982755120",
                "279007304580546757892162788787963212628",
                "36619885542697655876905904156221089162",
                "193381253870895511045362551388566296032",
                "68211198074068728073314749322967623862"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "signature_type": "Line",
        "signature_version": "v1",
        "id": "CVE-2019-14934-8058a0bd"
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6",
        "target": {
            "function": "pdf_load_xrefs",
            "file": "pdf.c"
        },
        "digest": {
            "function_hash": "325304485965751155243122437109992761270",
            "length": 1795.0
        },
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "id": "CVE-2019-14934-d3cf275f"
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6",
        "target": {
            "function": "get_header",
            "file": "pdf.c"
        },
        "digest": {
            "function_hash": "49745236901477109303946366760120247159",
            "length": 306.0
        },
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "id": "CVE-2019-14934-f0b64b3c"
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6",
        "target": {
            "file": "pdf.c"
        },
        "digest": {
            "line_hashes": [
                "268273926068758734056256075221191754643",
                "169994098497221076449878214494719241089",
                "1223739350107562493354016399320061662",
                "176497472191781189226379682557754201526",
                "282205922933228270404566573370762426697",
                "260181441558037407599593109788573902514",
                "191126972468617502371386837034164241367",
                "299189483496189035622460523856866872060",
                "110540770146931969867386605517569909795",
                "85878818426568453576324201150584045639",
                "68062500688153715834220096481784014949",
                "163415804638944167511257389352632086249",
                "214525089734176831586762927983064466067",
                "116476472887827962984265632618014525082",
                "251343443163535428846508345180430432155",
                "22538543802820471354439062993839377423",
                "37024084632818626181079309694738587944",
                "69622802471060449691176575022365776546",
                "282093569213571388689947168342871286455",
                "240383590169946072289977169315953016800",
                "93413984929112082925602786465000372940",
                "312304943219526437521288686604261261901",
                "112967292899666047622385164009660699052",
                "48505500378436910448633747041365270793",
                "161549004012120452569306843293306914465",
                "2701174797233355839916074321577437246",
                "174208329816497157813305367820761893112",
                "22031510781211203305026291240495223835",
                "283881357162004280958057057566801164661",
                "112157753924922027756319803903750652613",
                "142461620309279005631855992303049312787",
                "32765573441743220648559235849853200626",
                "19507934344298856034909852722035432701",
                "294551937220830993921857588055672458968",
                "213934481633932873550800769782986177966",
                "330241373759005916819729349663440108152",
                "46410259376222430955351602174787174475",
                "148185064150146256905608088678192475271",
                "272886130577751105247700653650708581005",
                "97074372526294746068327671854355351103",
                "332888570291388733399927404292502672093",
                "199729256583163704759073122295866848916",
                "170131629266426561397621723114280184576",
                "66130561064676095891159986328236158062",
                "140051216598213548315519547919510787265",
                "129410460819032184012843159128190878859",
                "106821631990123657696466870123816726178",
                "144574010844810691036817496746292302331",
                "16289969439010543607636456072016621395",
                "270743833535122959267115028609378908417",
                "235913489571026782893848565876734520998",
                "21178081986711556680337517148292907538",
                "126604359106623566770259428789398788262",
                "8525622703922830153812401378347619616",
                "183692961265600505142532072818287628756",
                "191525734366163183458197813779896916055"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "signature_type": "Line",
        "signature_version": "v1",
        "id": "CVE-2019-14934-fe7fcc70"
    }
]