2
1
mirror of https://github.com/qpdf/qpdf.git synced 2025-01-07 00:53:56 +00:00
Commit Graph

1863 Commits

Author SHA1 Message Date
m-holger
61f7d97b20
Merge pull request #1283 from m-holger/fuzz
Fix #1242
2024-09-17 00:19:52 +01:00
m-holger
54ac92eb1d
Merge pull request #1271 from m-holger/rsl
Fix QPDF::recoverStreamLength
2024-09-16 20:38:14 +01:00
m-holger
75091093fe
Merge pull request #1280 from m-holger/streams
Tidy QPDF_Stream
2024-09-16 19:52:24 +01:00
m-holger
ddfa3a24f0
Merge pull request #1281 from m-holger/input
Replace some std::shared_ptr parameters with reference parameters
2024-09-16 17:59:53 +01:00
m-holger
9ba6e070a1 Fix #1242
Ensure QPDF m->all_pages and invalid_page_found are reset if
getAllPagesInternal throws an exception.

Fixes fuzz case 71624.
2024-09-16 16:04:43 +01:00
m-holger
5d25aac6c7 In QPDFParser constructor change input parameter to InputSource& 2024-09-05 15:30:32 +01:00
m-holger
258343fcc9 In QPDF::readToken change input parameter to InputSource& 2024-09-05 15:23:28 +01:00
m-holger
20edfb3f91 In QPDF::damagedPDF change input parameter to InputSource& 2024-09-05 15:13:30 +01:00
m-holger
83e0f8da88 Tidy QPDF_Stream
1. Make class final
2. Pass og parameter by value
3. Properly initialize qpdf and og

Also, tweak QPDF::replaceObject to allow stream replacement without
violating the requirement that streams must always be indirect objects.

Also, remove QPDF::reserveStream as it does not do what the name implies
and having this as a separate methods does not aid code readability.
2024-09-04 16:00:57 +01:00
m-holger
7777ea84e7 Add new method ObjTable::emplace_back 2024-08-31 21:03:37 +01:00
m-holger
4badc78aea Remove methods ObjTable::initialize 2024-08-31 15:01:45 +01:00
m-holger
0d08f65cb8 Add new method ObjTable::resize 2024-08-31 14:20:16 +01:00
m-holger
68ac2179bd In ObjTable change maximum allowable object id to std::vector<T>::max_size()
Given that the PDF spec requires the xref table to contain entries for all
object ids <= the maximum id present in a PDF document, max_size is a
qpdf implementation limitation for legitimate object ids.
2024-08-31 12:55:53 +01:00
m-holger
64f9b7b242 Refactor QPDFObjectHandle::getTypeName 2024-08-27 10:39:33 +01:00
m-holger
8ed10d71ea In qpdf_fuzzer and dct_fuzzer add a scan limit for Pl_DCT 2024-08-25 17:03:26 +01:00
m-holger
ef49291682 In QPDF::readObjectAtOffset fail early on 'expect n n obj' 2024-08-23 14:09:20 +01:00
m-holger
0b3debaf86
Merge pull request #1253 from m-holger/pl_t
Refactor Pl_QPDFTokenizer
2024-08-21 18:29:55 +01:00
m-holger
c02cb9a720 Fix QPDF::recoverStreamLength
Ensure the the recovered stream end is not part of a different object.

Test file is bad24.pdf with stream 4 'endstream' corrupted.
2024-08-20 15:14:01 +01:00
m-holger
42cd7a98ad In QPDF::recoverStreamLength mark unreachable code 2024-08-20 12:52:33 +01:00
m-holger
0eb29c7357 If Pl_Flate memory limit is exceeded do not attempt 'finish' processing 2024-08-09 11:08:30 +01:00
m-holger
0663f1f8db Guard against 0 byte writes in Pl_Buffer and Pl_String 2024-08-07 16:19:16 +01:00
m-holger
06001ed25b Refactor the creation of unresolved objects
Create unresolved objects only for objects in the xref table (except during
parsing of the xref table). Do not add indirect nulls into the the object
cache as the result of a cache miss during a call to getObject except
during parsing or creation/updating from JSON. To support this behaviour,
add new private methods getObjectForParser and getObjectForJSON.

As a result of this change, dangling references are treated as direct nulls
rather than indirect nulls.
2024-08-06 12:22:09 +01:00
m-holger
87ee8ad071 In QPDFParser constructor add add parameter parse_pdf
Prepare for treating indirect references differently depending on whether
we are parsing a PDF file (in which case reference to objects not in the
xref table are null even if they are in the object cache) or whether parse
from user code (in which case an indirect reference can refer to a user
created object).
2024-08-06 10:02:07 +01:00
m-holger
7a1ec75ee1 Fix writing reals with trailing '.' as JSON (fixes #1261) 2024-08-06 01:09:48 +01:00
m-holger
3bab4cf394 Refactor Pl_RunLength::decode
Buffer output locally.
Add qpdf_fuzzer test case.
2024-08-03 15:52:45 +01:00
m-holger
99f3a7b5a3 In QPDFWriter::writeLinearized remember whether streams are filtered 2024-08-02 21:05:17 +01:00
m-holger
634d924986 In QPDFWriter::willFilterStream remember unfilterable streams 2024-08-02 19:23:17 +01:00
m-holger
2bb9e06d1e In qpdf_fuzzer add a memory limit for Pl_Flate 2024-07-28 19:54:38 +01:00
m-holger
aa4f288291 Refactor xref reconstruction
Avoid unnecessary rescanning of lines and repositioning of input file.
Limit max size of tokens.
2024-07-28 18:03:59 +01:00
m-holger
1536a76071 Refactor Pl_QPDFTokenizer::finish
Remove unnecessary use of shared pointers and avoid unnecessary string
creation.
2024-07-27 18:55:43 +01:00
m-holger
986a253cdd Overload QPDFTokenizer::findEI to take a InputSource& 2024-07-27 18:27:49 +01:00
m-holger
4783b22312 In ContentNormalizer::handleToken refactor handling of space tokens
Avoid writing each space char individually.
2024-07-27 18:06:12 +01:00
m-holger
ffe462e67e In ContentNormalizer::handleToken refactor handling of string and name tokens 2024-07-27 16:49:27 +01:00
m-holger
959ae4b4da Avoid unnecessary string copies in ContentNormalizer::handleToken 2024-07-27 16:33:17 +01:00
m-holger
4f16961052 In MD5_native::transform disable sanitizer unsigned integer overflow checks
Wrap-around is intentional and generates false positives
2024-07-22 13:11:07 +01:00
m-holger
9ce18e41f4
Merge pull request #979 from m-holger/const
In FUTURE make various QPDFObjectHandle methods const
2024-07-19 10:50:08 +01:00
m-holger
5be057caf0
Merge pull request #1247 from m-holger/fuzz
Adjust fuzzer warning and memory limits
2024-07-18 22:24:54 +01:00
m-holger
9ac506509b
Merge pull request #1240 from m-holger/i1238
Fix QPDFOutlineDocumentHelper::resolveNamedDest  (fixes #1238)
2024-07-18 22:24:16 +01:00
m-holger
34729e37e0 Limit memory used by Pl_PNGFilter and Pl_TIFFPredictor during fuzzing 2024-07-18 16:50:30 +01:00
m-holger
fe1fffe8db Change QPDF max_warnings into a hard limit
Throw damagedFile if max_warnings is exceeded. Change qpdf_fuzzer warnings limit to
limit to 500.
2024-07-18 16:50:08 +01:00
m-holger
992b7911ce Limit the number of warnings in json_fuzzer before giving up 2024-07-16 15:36:58 +01:00
m-holger
25e11a444a Throw an exception if the root of the pages tree misses the /Kids array 2024-07-16 14:44:47 +01:00
m-holger
7f2d76b78d Remove non-dictionary objects from pages tree 2024-07-16 14:35:32 +01:00
m-holger
f3cbaafcac Fix QPDFOutlineDocumentHelper::resolveNamedDest (fixes #1238)
Handle case where named destination is a dictionary with /D entry.

Test case is hand-edited outlines-with-old-root-dests.pdf with modified
object 107.
2024-07-14 12:15:45 +01:00
m-holger
186fca6d8d Add further sanity checks to QPDF::reconstruct_xref
Run getAllPages as sanity check and throw an exception if too many
warnings are generated or no pages are found.
2024-07-13 14:51:14 +01:00
m-holger
963574f27f Refactor QPDFOutlineDocumentHelper::resolveNamedDest 2024-07-13 11:34:02 +01:00
m-holger
722148de3d Further limit size of uncompressed JPEG for fuzzing
Try a  limit of 50MB. For very large limits processing time before
damage is encountered may exceed oss-fuzz limits.
Add further test cases.
2024-07-11 14:32:22 +01:00
m-holger
e914bbbbbc Add further sanity check to QPDF::reconstruct_xref
If reconstruct_xref generates more than 1000 warnings give up because the
file is so severely damaged that there is very little point continuing.
2024-07-11 13:25:07 +01:00
m-holger
c2c1618e08 Add extra sanity check on pages tree
Reject non-dictionary Page and Pages objects.

Also add additional qpdf_fuzzer test cases.
2024-07-10 19:03:23 +01:00
m-holger
2b6500ea17 In Pl_DCT::decompress refactor handling of corrupt data
If throw_on_corrupt is set, use a custom implementation of libjeg's
emit_message procedure to throw an exception when the first corrupt data
warning is encountered.
2024-07-09 20:55:51 +01:00