version: fig2dev Version 3.2.9a
system: ubuntu22.04
Use this command to reproduce: fig2dev -L pict2e ./poc
Message from ASAN:
==3668276==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000004 (pc 0x563d0968ed63 bp 0x60c000000280 sp 0x7fff7ef6bfa0 T0)
==3668276==The signal is caused by a READ memory access.
==3668276==Hint: address points to the zero page.
#0 0x563d0968ed63 in put_patternarc /home/ubuntu/asan_program/fig2dev-3.2.9a/fig2dev/dev/genpict2e.c:2306
#1 0x563d096948b5 in genpict2e_arc /home/ubuntu/asan_program/fig2dev-3.2.9a/fig2dev/dev/genpict2e.c:2473
#2 0x563d0956e536 in gendev_objects /home/ubuntu/asan_program/fig2dev-3.2.9a/fig2dev/fig2dev.c:1038
#3 0x563d0956e536 in main /home/ubuntu/asan_program/fig2dev-3.2.9a/fig2dev/fig2dev.c:538
#4 0x7fb3e7837d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#5 0x7fb3e7837e3f in __libc_start_main_impl ../csu/libc-start.c:392
#6 0x563d0956ff54 in _start (/home/ubuntu/target_program/fig2dev-3.2.9a/fig2dev/output2/asan_fig2dev+0x6ff54)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/ubuntu/asan_program/fig2dev-3.2.9a/fig2dev/dev/genpict2e.c:2306 in put_patternarc
==3668276==ABORTING
Fixed with commit [c8a87d].
Related:
Commit: [c8a87d]
CVE: CVE-2025-31163