mirror of
https://github.com/qpdf/qpdf.git
synced 2024-12-22 10:58:58 +00:00
Pad encryption parameters that are too short (fixes #96)
This commit is contained in:
parent
0c99cf874b
commit
8fe0b06cd8
@ -1,3 +1,8 @@
|
||||
2017-08-11 Jay Berkenbilt <ejb@ql.org>
|
||||
|
||||
* Handle encrypted files whose encryption parameters are too
|
||||
short. Fixes #96.
|
||||
|
||||
2017-08-10 Jay Berkenbilt <ejb@ql.org>
|
||||
|
||||
* Remove dependency on libpcre.
|
||||
|
@ -340,6 +340,16 @@ hash_V5(std::string const& password,
|
||||
return result;
|
||||
}
|
||||
|
||||
static
|
||||
void pad_short_parameter(std::string& param, unsigned int max_len)
|
||||
{
|
||||
if (param.length() < max_len)
|
||||
{
|
||||
QTC::TC("qpdf", "QPDF_encryption pad short parameter");
|
||||
param.append(max_len - param.length(), '\0');
|
||||
}
|
||||
}
|
||||
|
||||
std::string
|
||||
QPDF::compute_data_key(std::string const& encryption_key,
|
||||
int objid, int generation, bool use_aes,
|
||||
@ -876,6 +886,8 @@ QPDF::initializeEncryption()
|
||||
|
||||
if (V < 5)
|
||||
{
|
||||
pad_short_parameter(O, key_bytes);
|
||||
pad_short_parameter(U, key_bytes);
|
||||
if (! ((O.length() == key_bytes) && (U.length() == key_bytes)))
|
||||
{
|
||||
throw QPDFExc(qpdf_e_damaged_pdf, this->file->getName(),
|
||||
@ -899,6 +911,11 @@ QPDF::initializeEncryption()
|
||||
UE = encryption_dict.getKey("/UE").getStringValue();
|
||||
Perms = encryption_dict.getKey("/Perms").getStringValue();
|
||||
|
||||
pad_short_parameter(O, OU_key_bytes_V5);
|
||||
pad_short_parameter(U, OU_key_bytes_V5);
|
||||
pad_short_parameter(OE, OUE_key_bytes_V5);
|
||||
pad_short_parameter(UE, OUE_key_bytes_V5);
|
||||
pad_short_parameter(Perms, Perms_key_bytes_V5);
|
||||
if ((O.length() < OU_key_bytes_V5) ||
|
||||
(U.length() < OU_key_bytes_V5) ||
|
||||
(OE.length() < OUE_key_bytes_V5) ||
|
||||
|
@ -293,3 +293,4 @@ QPDF ignore first space in xref entry 0
|
||||
QPDF ignore first extra space in xref entry 0
|
||||
QPDF ignore second extra space in xref entry 0
|
||||
QPDF ignore length error xref entry 0
|
||||
QPDF_encryption pad short parameter 0
|
||||
|
@ -232,7 +232,7 @@ foreach my $d (@bug_tests)
|
||||
show_ntests();
|
||||
# ----------
|
||||
$td->notify("--- Miscellaneous Tests ---");
|
||||
$n_tests += 87;
|
||||
$n_tests += 88;
|
||||
|
||||
$td->runtest("qpdf version",
|
||||
{$td->COMMAND => "qpdf --version"},
|
||||
@ -676,6 +676,16 @@ $td->runtest("recoverable xref errors",
|
||||
$td->EXIT_STATUS => 3},
|
||||
$td->NORMALIZE_NEWLINES);
|
||||
|
||||
# A file was emailed privately with issue 96. short-O-U.pdf was
|
||||
# created by copying encryption parameters from that file. It exhibits
|
||||
# the same behavior as the original file.
|
||||
$td->runtest("short /O or /U",
|
||||
{$td->COMMAND =>
|
||||
"qpdf --password=19723102477 --check short-O-U.pdf"},
|
||||
{$td->FILE => "short-O-U.out",
|
||||
$td->EXIT_STATUS => 0},
|
||||
$td->NORMALIZE_NEWLINES);
|
||||
|
||||
show_ntests();
|
||||
# ----------
|
||||
$td->notify("--- Single Page ---");
|
||||
|
20
qpdf/qtest/qpdf/short-O-U.out
Normal file
20
qpdf/qtest/qpdf/short-O-U.out
Normal file
@ -0,0 +1,20 @@
|
||||
checking short-O-U.pdf
|
||||
PDF Version: 1.6
|
||||
R = 4
|
||||
P = -4
|
||||
User password = 19723102477
|
||||
extract for accessibility: allowed
|
||||
extract for any purpose: allowed
|
||||
print low resolution: allowed
|
||||
print high resolution: allowed
|
||||
modify document assembly: allowed
|
||||
modify forms: allowed
|
||||
modify annotations: allowed
|
||||
modify other: allowed
|
||||
modify anything: allowed
|
||||
stream encryption method: AESv2
|
||||
string encryption method: AESv2
|
||||
file encryption method: AESv2
|
||||
File is not linearized
|
||||
No syntax or stream encoding errors found; the file may still contain
|
||||
errors that qpdf cannot detect
|
39
qpdf/qtest/qpdf/short-O-U.pdf
Normal file
39
qpdf/qtest/qpdf/short-O-U.pdf
Normal file
@ -0,0 +1,39 @@
|
||||
%PDF-1.6
|
||||
%¿÷¢þ
|
||||
1 0 obj
|
||||
<< /Pages 2 0 R /Type /Catalog >>
|
||||
endobj
|
||||
2 0 obj
|
||||
<< /Count 1 /Kids [ 3 0 R ] /Type /Pages >>
|
||||
endobj
|
||||
3 0 obj
|
||||
<< /Contents 4 0 R /MediaBox [ 0 0 612 792 ] /Parent 2 0 R /Resources << /Font << /F1 5 0 R >> /ProcSet 6 0 R >> /Type /Page >>
|
||||
endobj
|
||||
4 0 obj
|
||||
<< /Length 80 /Filter /FlateDecode >>
|
||||
stream
|
||||
õÓt‘iº’ðU– j,òB\h½lI—-Z¦ä’ä ¢<C2A0>ŽDÃ@B;¢–dh«ŠR“‹.<2E>ºrYbàÿÈÔâ™û\Æ{˜cBøc¡C?{av<¹h·endstream
|
||||
endobj
|
||||
5 0 obj
|
||||
<< /BaseFont /Helvetica /Encoding /WinAnsiEncoding /Name /F1 /Subtype /Type1 /Type /Font >>
|
||||
endobj
|
||||
6 0 obj
|
||||
[ /PDF /Text ]
|
||||
endobj
|
||||
7 0 obj
|
||||
<< /CF << /StdCF << /AuthEvent /DocOpen /CFM /AESV2 /Length 16 >> >> /Filter /Standard /Length 128 /O <e9aa816e7e5861b853c9259303e9cbd1135453cc10e93f73a5c740de28649a75> /P -4 /R 4 /StmF /StdCF /StrF /StdCF /U <82f858c956fc27a1d051b09b9fb19b72> /V 4 >>
|
||||
endobj
|
||||
xref
|
||||
0 8
|
||||
0000000000 65535 f
|
||||
0000000015 00000 n
|
||||
0000000064 00000 n
|
||||
0000000123 00000 n
|
||||
0000000266 00000 n
|
||||
0000000416 00000 n
|
||||
0000000523 00000 n
|
||||
0000000553 00000 n
|
||||
trailer << /Root 1 0 R /Size 8 /ID [<35653732633166343063386438346132><e6a5593287c9d6485cf6706c8d97902c>] /Encrypt 7 0 R >>
|
||||
startxref
|
||||
820
|
||||
%%EOF
|
Loading…
Reference in New Issue
Block a user