N/A

Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle.

N/A

N/A

Haru Free PDF Library HPDF_Page_Circle缓冲区溢出漏洞

HARU是一款免费的的跨平台函数库，用于生成PDF。 HARU在处理畸形的PDF数据时存在漏洞，远程攻击者可能利用此漏洞导致HARU崩溃。 HARU的hpdf_page_operator.c文件中HPDF_Page_Circle函数所使用的缓冲区char buf[HPDF_TMP_BUF_SIZ]没有正确地验证用户输入。如果用户受骗打开了特制的PDF文件的话，就可能触发缓冲区溢出，导致拒绝服务。

N/A

N/A