Don't encrypt trailer, fixes fuzz issue 15983

Ordinarily the trailer doesn't contain any strings, so this is usually a non-issue, but if the trailer contains strings, linearizing and encrypting with object streams would include encrypted strings in the trailer, which would blow out the padding because encrypted strings are longer than their cleartext counterparts.
2019-08-28 22:48:55 -04:00 · 2019-08-28 22:48:55 -04:00 · 0e51a9aca6
parent bb3ae14f04
commit 0e51a9aca6
2 changed files with 9 additions and 2 deletions
--- a/fuzz/qpdf_extra/15983.fuzz
+++ b/fuzz/qpdf_extra/15983.fuzz
--- a/libqpdf/QPDFWriter.cc
+++ b/libqpdf/QPDFWriter.cc
@ -1341,7 +1341,11 @@ QPDFWriter::writeTrailer(trailer_e which, int size, bool xref_stream,
                         qpdf_offset_t prev, int linearization_pass)
 {
    QPDFObjectHandle trailer = getTrimmedTrailer();
-    if (! xref_stream)
+    if (xref_stream)
+    {
+        this->m->cur_data_key.clear();
+    }
+    else
    {
 	writeString("trailer <<");
    }
@ -3320,7 +3324,10 @@ QPDFWriter::writeLinearized()
 		if (this->m->pipeline->getCount() != first_xref_end)
                {
                    throw std::logic_error(
-                        "insufficient padding for first pass xref stream");
+                        "insufficient padding for first pass xref stream; "
+                        "first_xref_end=" +
+                        QUtil::int_to_string(first_xref_end) +
+                        "; endpos=" + QUtil::int_to_string(endpos));
                }
 	    }
 	    writeString("\n");