478304 – Okular exits every time I open a digitally signed PDF

Bug 478304 - Okular exits every time I open a digitally signed PDF

Summary: Okular exits every time I open a digitally signed PDF

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	okular
Classification:	Applications
Component:	general (show other bugs)
Version:	23.08.4
Platform:	unspecified Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Okular developers

URL:
Keywords:	drkonqi

Depends on:
Blocks:

Reported:	2023-12-09 14:43 UTC by meso5
Modified:	2023-12-28 09:55 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description meso5 2023-12-09 14:43:14 UTC

Application: okular (23.08.4)

Qt Version: 5.15.11
Frameworks Version: 5.113.0
Operating System: Linux 6.2.0-37-generic x86_64
Windowing System: Wayland
Distribution: KDE neon 5.27
DrKonqi: 5.27.10 [KCrashBackend]

-- Information about the crash:
Every time I open a certain digitally signed PDF, Okular exits without warning. This happens with Okular on KDE Neon and on Windows 10. Acrobat Pro and PDF-XChange on Windows 10 open it as normal and display the digital signature info banner. Master PDF on Windows 10, and Atril and Evince on Debian Sid open it but they seem to be unaware of the digital signature, even in the document Properties. I can't locate another digitally signed PDF to compare, and can't provide the PDF above because of confidentiality.

The crash can be reproduced every time.

-- Backtrace:
Application: Okular (okular), signal: Segmentation fault

[KCrash Handler]
#4  0x00007f0d6de45059 in NSSSignatureVerification::NSSSignatureVerification (p7data=..., this=0x559979344660) at ./poppler/NSSCryptoSignBackend.cc:779
#5  std::make_unique<NSSSignatureVerification, std::vector<unsigned char, std::allocator<unsigned char> > > () at /usr/include/c++/11/bits/unique_ptr.h:962
#6  NSSCryptoSignBackend::createVerificationHandler (this=<optimized out>, pkcs7=...) at ./poppler/NSSCryptoSignBackend.cc:1189
#7  0x00007f0d6dd2963e in FormFieldSignature::validateSignature (this=0x559978f22ea0, doVerifyCert=doVerifyCert@entry=true, forceRevalidation=forceRevalidation@entry=false, validationTime=-1, ocspRevocationCheck=<optimized out>, enableAIA=enableAIA@entry=false) at ./poppler/Form.cc:2387
#8  0x00007f0d6dd29b9c in FormWidgetSignature::validateSignature (this=this@entry=0x559979338fa0, doVerifyCert=doVerifyCert@entry=true, forceRevalidation=forceRevalidation@entry=false, validationTime=<optimized out>, ocspRevocationCheck=<optimized out>, enableAIA=enableAIA@entry=false) at ./poppler/Form.cc:579
#9  0x00007f0d740bfa6a in Poppler::FormFieldSignature::validate (this=this@entry=0x55997933e020, opt=opt@entry=1, validationTime=...) at ./qt5/src/poppler-form.cc:1044
#10 0x00007f0d740bff14 in Poppler::FormFieldSignature::validate (this=0x55997933e020, opt=Poppler::FormFieldSignature::ValidateVerifyCertificate) at ./qt5/src/poppler-form.cc:978
#11 0x00007f0d7413e5cb in ?? () from /usr/lib/x86_64-linux-gnu/qt5/plugins/okular/generators/okularGenerator_poppler.so
#12 0x00007f0d7414504c in ?? () from /usr/lib/x86_64-linux-gnu/qt5/plugins/okular/generators/okularGenerator_poppler.so
#13 0x00007f0d7413472d in ?? () from /usr/lib/x86_64-linux-gnu/qt5/plugins/okular/generators/okularGenerator_poppler.so
#14 0x00007f0d940d1fa2 in ?? () from /lib/x86_64-linux-gnu/libOkular5Core.so.11
#15 0x00007f0d940db71e in Okular::Document::openDocument(QString const&, QUrl const&, QMimeType const&, QString const&) () from /lib/x86_64-linux-gnu/libOkular5Core.so.11
#16 0x00007f0d8cee7995 in Okular::Part::doOpenFile(QMimeType const&, QString const&, bool*) () from /usr/lib/x86_64-linux-gnu/qt5/plugins/okularpart.so
#17 0x00007f0d8cee91c3 in Okular::Part::openFile() () from /usr/lib/x86_64-linux-gnu/qt5/plugins/okularpart.so
#18 0x00007f0d9c99ac65 in ?? () from /lib/x86_64-linux-gnu/libKF5Parts.so.5
#19 0x00007f0d9c9a0b27 in KParts::ReadOnlyPart::openUrl(QUrl const&) () from /lib/x86_64-linux-gnu/libKF5Parts.so.5
#20 0x00007f0d8cee5dcb in Okular::Part::openUrl(QUrl const&, bool) () from /usr/lib/x86_64-linux-gnu/qt5/plugins/okularpart.so
#21 0x000055997693263b in ?? ()
#22 0x0000559976934289 in ?? ()
#23 0x00007f0d9aef4394 in ?? () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#24 0x00007f0d9aef4394 in ?? () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#25 0x00007f0d9bc62a06 in QAbstractButton::clicked(bool) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#26 0x00007f0d9bc62c8e in ?? () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#27 0x00007f0d9bc648b4 in ?? () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#28 0x00007f0d9bc64ad7 in QAbstractButton::mouseReleaseEvent(QMouseEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#29 0x00007f0d9bbaf95e in QWidget::event(QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#30 0x00007f0d9bb6c763 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#31 0x00007f0d9bb743a4 in QApplication::notify(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#32 0x00007f0d9aebc8ea in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#33 0x00007f0d9bb72e87 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#34 0x00007f0d9bbc91db in ?? () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#35 0x00007f0d9bbcc535 in ?? () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#36 0x00007f0d9bb6c763 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Widgets.so.5
#37 0x00007f0d9aebc8ea in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#38 0x00007f0d9b343197 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () from /lib/x86_64-linux-gnu/libQt5Gui.so.5
#39 0x00007f0d9b316dbc in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Gui.so.5
#40 0x00007f0d99403c74 in ?? () from /lib/x86_64-linux-gnu/libQt5WaylandClient.so.5
#41 0x00007f0d995c7d3b in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#42 0x00007f0d9961d258 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#43 0x00007f0d995c53e3 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#44 0x00007f0d9af15dd8 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#45 0x00007f0d9aebb20b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#46 0x00007f0d9aec37b4 in QCoreApplication::exec() () from /lib/x86_64-linux-gnu/libQt5Core.so.5
#47 0x000055997692bec8 in ?? ()
#48 0x00007f0d9a429d90 in __libc_start_call_main (main=main@entry=0x55997692a850, argc=argc@entry=1, argv=argv@entry=0x7fff3d7b75e8) at ../sysdeps/nptl/libc_start_call_main.h:58
#49 0x00007f0d9a429e40 in __libc_start_main_impl (main=0x55997692a850, argc=1, argv=0x7fff3d7b75e8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff3d7b75d8) at ../csu/libc-start.c:392
#50 0x000055997692c8f5 in ?? ()
[Inferior 1 (process 2398) detached]

Reported using DrKonqi

Comment 1 Albert Astals Cid 2023-12-10 22:35:20 UTC

Would it be possible for us to have access to that file?

Comment 2 meso5 2023-12-11 00:46:36 UTC

(In reply to Albert Astals Cid from comment #1)
> Would it be possible for us to have access to that file?

The file is technically confidential even though there is nothing particularly exciting in there. Would the file still be useful if I redacted identifying info? The digital signature would then fail but the file may still reveal the problem. If I could locate more digitally signed PDFs I could try them out.

Comment 3 Albert Astals Cid 2023-12-12 23:02:25 UTC

(In reply to meso5 from comment #2)
> (In reply to Albert Astals Cid from comment #1)
> > Would it be possible for us to have access to that file?
> 
> The file is technically confidential even though there is nothing
> particularly exciting in there. Would the file still be useful if I redacted
> identifying info? The digital signature would then fail but the file may
> still reveal the problem. If I could locate more digitally signed PDFs I
> could try them out.

If it crashes it's useful, but be careful redacting most of the times doesn't really hide the text and tools like pdftotext can still extract it.

Comment 4 meso5 2023-12-12 23:26:47 UTC

As it turns out, Acrobat Pro won't let me redact anything because the file is signed, which makes sense. As I said, there is nothing important or interesting in the file and I wouldn't mind sending it to you somehow for debugging as long as it's not publicly available on the web and you commit to discarding it afterwards, but I can't find a way to submit a file confidentially.

Comment 5 Albert Astals Cid 2023-12-12 23:29:11 UTC

You can send it to me via email to aacid@kde.org

Comment 6 meso5 2023-12-12 23:31:49 UTC

I just emailed it to you.

Comment 7 Sune Vuorela 2023-12-13 08:23:41 UTC

(In reply to meso5 from comment #6)
> I just emailed it to you.

I'll probably end up reviewing Albert's fix, if not helping implementing it; any chance I can get a copy as well ? sune@kde.org

It looks like I touched the crashing code in question last.

Comment 8 Bug Janitor Service 2023-12-28 03:46:22 UTC

Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!

Comment 9 Albert Astals Cid 2023-12-28 09:55:36 UTC

https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1480