1655350 - pdf printing differently than visible on-screen

Status: RESOLVED DUPLICATE of bug 1644575

(Firefox :: PDF Viewer, defect)

Description

[marcin.mank]

Attachment: doc.zip

I already reported this as a regular bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1655347

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0

attempted printing the attached document

some of the digits "1" got changed to a "6". e.g. on page 5 "kwota transakcji" printed as "6 023,87", while on-screen it is "1 023,87". I attach the original document ("potwierdzenie transakcji...") and the result of print-to-pdf. It is on windows 10. The document prints correctly in Acrobat Reader.

Imagine someone sends such a pdf to a person, person reviews on-screen, prints (where the printout has different values), then the document is signed.

Comment 1

[marcin.mank]

Ah, so the bug got duplicated (I submitted this one to get possible bug-bounty consideration). Please delete one of the bugs.

Comment 3

[Daniel Veditz [:dveditz]]

Attachment: PotwierdzenieTransakcji_20200726_215436.pdf

Comment 4

[Daniel Veditz [:dveditz]]

Attachment: print-to-pdf output (Windows)

Comment 5

[Daniel Veditz [:dveditz]]

Blake: please make sure the appropriate devs are CC'd here since it's currently a hidden bug. Does it need to be? You can't hack Firefox itself with this bug, but the scenario given in comment 0 is plausible as a user-spoofing issue. Is it just an occasional number glitch (which could be bad enough) or would an attacker have fine-grained control over the difference? If the latter this might be worse than sec-low.

I tested using Nightly on mac and couldn't confirm the problem, but the problem might be Windows-specific. Or, IIRC, pdf printing was a recent area of focus and maybe this is something we recently fixed.

Comment 6

[Blake Winton (:bwinton) (:☕️)]

Brendan is probably the right dev to look at this from the PDF side.
From the printing side, I'll tag Sean to see who he thinks should take a look at it.

Comment 7

[Sean Voisen (:svoisen)]

I also cannot reproduce on my Mac, so yeah definitely seems Windows-specific.

ni? jfkthame and jwatt to see if either has insight on this.

Comment 8

[Jonathan Kew [:jfkthame]]

I was able to reproduce this with Firefox 78.0.2 on Windows, but not with Nightly.

I was also able to reproduce in FF78 on Ubuntu, but not with my current mozilla-central build there.

After updating to FF 79 on Windows, it no longer reproduces.

I haven't done a full bisection to confirm, but I strongly suspect this is a manifestation of bug 1644575, which was fixed for FF79.

Marcin, if you update to Firefox 79 (which was just released), I think you'll find the bug no longer happens. Please confirm if that does resolve it for you -- thanks.

Comment 9

[marcin.mank]

Seems to be fixed in Firefox 79, can't reproduce any more.

Comment 11

[Brendan Dahl [:bdahl]]

Even if this still is an issue, I don't think it's a bigger security vulnerability than what the web is already capable of. A site can easily have different CSS rules for printing that would cause the on screen appearance to be different than the printed output.