Jay Berkenbilt
d4c41e2624
TODO: update notes on ignored fuzz cases
2019-08-28 23:06:57 -04:00
Jay Berkenbilt
0e51a9aca6
Don't encrypt trailer, fixes fuzz issue 15983
...
Ordinarily the trailer doesn't contain any strings, so this is usually
a non-issue, but if the trailer contains strings, linearizing and
encrypting with object streams would include encrypted strings in the
trailer, which would blow out the padding because encrypted strings
are longer than their cleartext counterparts.
2019-08-28 23:06:32 -04:00
Jay Berkenbilt
bb3ae14f04
More fuzzer notes
2019-08-28 23:06:32 -04:00
Jay Berkenbilt
47a38a942d
Detect stream in object stream, fixing fuzz 16214
...
It's detected in QPDFWriter instead of at parse time because I can't
figure out how to construct a test case in a reasonable time. This
commit moves the fuzz file into the regular test suite for a QTC
coverage case.
2019-08-28 12:49:04 -04:00
Jay Berkenbilt
15248aa54b
Safe pipeline pop fixed fuzz issue 15445
2019-08-27 22:27:47 -04:00
Jay Berkenbilt
ba5fb69164
Make popping pipeline stack safer
...
Use destructors to pop the pipeline stack, and ensure that code that
pops the stack is actually popping the intended thing.
2019-08-27 22:27:47 -04:00
Jay Berkenbilt
dadf8307c8
Fix fuzz issues 15316 and 15390
2019-08-27 20:39:06 -04:00
Jay Berkenbilt
456c285b02
Fix fuzz issue 16172 (overflow checking in OffsetInputSource)
2019-08-27 13:08:07 -04:00
Jay Berkenbilt
ad8081daf5
Fix fuzz issue 15442 (overflow checking in BufferInputSource)
2019-08-27 11:26:25 -04:00
Jay Berkenbilt
9a095c5c76
Seek in two stages to avoid overflow
...
When seeing to a position based on a value read from the input, we are
prone to integer overflow (fuzz issue 15442). Seek in two stages to
move the overflow check into the input source code.
2019-08-27 11:26:25 -04:00
Jay Berkenbilt
ac5e6de2e8
Fix fuzz issue 15387 (overflow checking xref size)
2019-08-27 11:26:25 -04:00
Jay Berkenbilt
6bc4cc3d48
Fix fuzz issue 15475
2019-08-25 22:52:25 -04:00
Jay Berkenbilt
94e86e2528
Fix fuzz issue 16301
2019-08-25 22:52:25 -04:00
Jay Berkenbilt
8721f189f8
Move qpdf_fuzzer tests to the end
...
This makes it faster to iterate on the other ones.
2019-08-25 22:52:25 -04:00
Jay Berkenbilt
ecca87d73c
Fuzz build: allow easy addition of test files
2019-08-25 22:52:25 -04:00
Jay Berkenbilt
9ebb55aff1
Include password match information in show encryption
2019-08-24 11:01:19 -04:00
Jay Berkenbilt
5da146c8b5
Track separately whether password was user/owner ( fixes #159 )
2019-08-24 11:01:19 -04:00
Jay Berkenbilt
5a0aef55a0
Split long line
2019-08-24 10:58:51 -04:00
Jay Berkenbilt
53930d96d0
Add some clarification to encryption in the manual
...
Per user suggestion in issue 351.
2019-08-23 21:27:41 -04:00
Jay Berkenbilt
2794bfb1a6
Add flags to control zlib compression level ( fixes #113 )
2019-08-23 20:34:21 -04:00
Jay Berkenbilt
dac0598b94
Add ability to set zlib compression level globally
2019-08-23 20:34:21 -04:00
Jay Berkenbilt
bda5d26894
Maintainer notes: don't use --disable-shared by default
...
This covers up forgetting to use QPDF_DLL and QPDF_DLL_CLASS.
2019-08-22 22:55:29 -04:00
Jay Berkenbilt
3f1ab64066
Pass offset and length to ParserCallbacks::handleObject
2019-08-22 22:54:29 -04:00
Jay Berkenbilt
4b2e72c4cd
Test for direct, rather than resolved nulls in parser
...
Just because we know an indirect reference is null, doesn't mean we
shouldn't keep it indirect.
2019-08-22 17:55:16 -04:00
Jay Berkenbilt
3f3dbe22ea
Remove array null flattening
...
For some reason, qpdf from the beginning was replacing indirect
references to null with literal null in arrays even after removing the
old behavior of flattening scalar references. This seems like a bad
idea.
2019-08-22 17:55:16 -04:00
Jay Berkenbilt
4b674b42e4
Mention name tokens in TokenFilter comments
2019-08-22 17:55:16 -04:00
Jay Berkenbilt
225cd9dac2
Protect against coding error of re-entrant parsing
2019-08-22 17:55:16 -04:00
Jay Berkenbilt
ae5bd7102d
Accept extraneous space before xref ( fixes #341 )
2019-08-19 22:24:53 -04:00
Jay Berkenbilt
8a9086a689
Accept extraneous space after stream keyword ( fixes #329 )
2019-08-19 21:43:44 -04:00
Jay Berkenbilt
43f91f58b8
Improve invalid name token warning message
...
This message used to only appear for PDF >= 1.2. The invalid name is
valid for PDF 1.0 and 1.1. However, since QPDFWriter may write a newer
version, it's better to detect and warn in all cases. Therefore make
the warning more informative.
2019-08-19 19:48:27 -04:00
Jay Berkenbilt
42d396f1dd
Handle invalid name tokens symmetrically for PDF < 1.2 ( fixes #332 )
2019-08-19 19:48:27 -04:00
Jay Berkenbilt
d9dd99eca3
Attempt to repair /Type key in pages nodes ( fixes #349 )
2019-08-18 18:54:37 -04:00
Jay Berkenbilt
c032f7c972
Improve how qtest finds windows /bin
2019-08-18 15:46:01 -04:00
Jay Berkenbilt
89dacd8eba
Array optimization fixes performance issues ( fixes #305 , #311 )
2019-08-18 09:00:55 -04:00
Jay Berkenbilt
522d2b2227
Improve efficiency of fixDanglingReferences
2019-08-18 09:00:40 -04:00
Jay Berkenbilt
5187a3ec85
Shallow copy arrays without removing sparseness
2019-08-17 23:02:41 -04:00
Jay Berkenbilt
bf7c6a8070
Use SparseOHArray in parsing
2019-08-17 23:02:41 -04:00
Jay Berkenbilt
e5f504b6c5
Use SparseOHArray in QPDF_Array
2019-08-17 23:02:41 -04:00
Jay Berkenbilt
a89d8a0677
Refactor QPDF_Array in preparation for using SparseOHArray
2019-08-17 23:02:41 -04:00
Jay Berkenbilt
e83f3308fb
SparseOHArray
2019-08-17 23:02:41 -04:00
Jay Berkenbilt
04419d7c32
Maintainer notes for using profiler
2019-08-17 10:17:20 -04:00
Jay Berkenbilt
8d7db4732b
TODO: add note to outlines
2019-07-13 21:35:14 -04:00
Jay Berkenbilt
88c1956705
Update comment in PointerHolder
2019-07-13 21:34:46 -04:00
Thorsten Schöning
8f06da7534
Change list to vector for outline helpers ( fixes #297 )
...
This change works around STL problems with Embarcadero C++ Builder
version 10.2, but std::vector is more common than std::list in qpdf,
and this is a relatively new API, so an API change is tolerable.
Thanks to Thorsten Schöning <6223655+ams-tschoening@users.noreply.github.com>
for the fix.
2019-07-03 20:08:47 -04:00
Jay Berkenbilt
4db1de97ce
Convert some cases of logic_error to runtime_error
...
There were a few cases that could be caused by invalid input rather
than bugs in the code which were throwing logic_error instead of
runtime_error.
2019-06-25 12:43:06 -04:00
Jay Berkenbilt
201e8798d7
Convert previously overlooked static cast to QIntC
2019-06-25 12:43:06 -04:00
Jay Berkenbilt
0ae344d002
Add fuzzers to exercise specific pipeline classes
2019-06-23 15:37:21 -04:00
Jay Berkenbilt
43ff34b49c
Update TODO
2019-06-23 14:57:10 -04:00
Jay Berkenbilt
04f45cf652
Treat all linearization errors as warnings
...
This also reverts the addition of a new checkLinearization that
distinguishes errors from warnings. There's no practical distinction
between what was considered an error and what was considered a
warning.
2019-06-23 13:45:45 -04:00
Jay Berkenbilt
0b45dfd3b1
TODO updates
2019-06-22 21:52:50 -04:00