2
1
mirror of https://github.com/qpdf/qpdf.git synced 2024-12-23 11:28:56 +00:00
Commit Graph

1538 Commits

Author SHA1 Message Date
Jay Berkenbilt
b07ad6794e Fix bugs found by fuzz tests
* Several assertions in linearization were not always true; change
  them to run time errors
* Handle a few cases of uninitialized objects
* Handle pages with no contents when doing form operations
* Handle invalid page tree nodes when traversing pages
2019-06-21 17:56:24 -04:00
Jay Berkenbilt
a35d4ce9cc Fix bounds error in utf16_to_utf8 conversion 2019-06-21 17:40:24 -04:00
Jay Berkenbilt
2320714339 Clean up fuzzer installation and add test files
* Create the seed corpus in the build directory
* Don't assume all fuzzers share an options file
2019-06-21 17:39:53 -04:00
Jay Berkenbilt
ed7f2a6c76 Add smaller image streams file for testing 2019-06-21 17:39:53 -04:00
Jay Berkenbilt
2c81eec45e Re-enable fuzzer testing in Windows 2019-06-21 17:32:35 -04:00
Jay Berkenbilt
1763957cbc Remove integer type task from TODO 2019-06-21 13:17:45 -04:00
Jay Berkenbilt
6fca27995e Update casting policy in the documentation 2019-06-21 13:17:45 -04:00
Jay Berkenbilt
cc2e8853b5 Enable int warnings by default
Now that there aren't any more...
2019-06-21 13:17:21 -04:00
Jay Berkenbilt
63a643a3c7 Remove implicit conversion from int/pointer to bool
This fixes cases of warning C4800 from msvc
2019-06-21 13:17:21 -04:00
Jay Berkenbilt
d71f05ca07 Fix sign and conversion warnings (major)
This makes all integer type conversions that have potential data loss
explicit with calls that do range checks and raise an exception. After
this commit, qpdf builds with no warnings when -Wsign-conversion
-Wconversion is used with gcc or clang or when -W3 -Wd4800 is used
with MSVC. This significantly reduces the likelihood of potential
crashes from bogus integer values.

There are some parts of the code that take int when they should take
size_t or an offset. Such places would make qpdf not support files
with more than 2^31 of something that usually wouldn't be so large. In
the event that such a file shows up and is valid, at least qpdf would
raise an error in the right spot so the issue could be legitimately
addressed rather than failing in some weird way because of a silent
overflow condition.
2019-06-21 13:17:21 -04:00
Jay Berkenbilt
f40ffc9d63 Pl_Flate: constructor's out_bufsize is now unsigned int
This is the type we need for the underlying zlib implementation.
2019-06-21 13:17:21 -04:00
Jay Berkenbilt
da30764bce Change QPDFObjectHandle::pipeStreamData's encode_flags type
Change from unsigned long to int since we pass enumerated type values
to this field.
2019-06-21 13:17:21 -04:00
Jay Berkenbilt
3608afd5c5 Add new integer accessors to QPDFObjectHandle 2019-06-21 13:17:21 -04:00
Jay Berkenbilt
42306e2ff8 QUtil: add unsigned int/string functions 2019-06-21 13:17:21 -04:00
Jay Berkenbilt
a66828caff New safe type converters in QIntC 2019-06-21 13:17:21 -04:00
Jay Berkenbilt
bdf29ca33e Add 32-bit Linux build to CI 2019-06-21 13:17:21 -04:00
Jay Berkenbilt
2155815234 configure: determine wordsize automatically
Based on sizeof(size_t). Assumes 64 if not 32.
2019-06-21 13:17:21 -04:00
Jay Berkenbilt
f562d494b0 configure: add --enable-int-warnings 2019-06-20 23:42:27 -04:00
Jay Berkenbilt
713d961990 Appearance streams: some floating point values were truncated
Bounding box X coordinates could be truncated, causing them to be off
by a fraction of a point. This was most likely not visible, but it was
still wrong.
2019-06-20 21:32:30 -04:00
Jay Berkenbilt
e3129ef432 Fix typo in doc for configure 2019-06-18 09:20:38 -04:00
Jay Berkenbilt
bbabbc2076 TODO 2019-06-18 08:44:10 -04:00
Jay Berkenbilt
616ae15595 Remove qpdf_read_memory_fuzzer 2019-06-18 08:43:55 -04:00
Jay Berkenbilt
127859a6d3 Run tests with sanitizers in CI 2019-06-15 17:24:24 -04:00
Jay Berkenbilt
bcfa407912 As a test suite, run stand-alone fuzzer on seed corpus
Temporarily skip fuzz tests on Windows. There are Windows-specific
failures to address later.
2019-06-15 17:24:24 -04:00
Jay Berkenbilt
e2c77bab89 Populate seed corpus 2019-06-15 17:24:24 -04:00
Jay Berkenbilt
9d31037489 Add corpus from previous fuzzer
This is the set of files from the latest corpus of running the older
fuzzer (qpdf_read_memory_fuzzer) at the time of adding the new fuzzer
(qpdf_fuzzer) after running a merge operation to minimize the corpus.
2019-06-15 17:24:24 -04:00
Jay Berkenbilt
320702c086 Add test files from oss-fuzz bugs (fixes #335) 2019-06-15 17:24:24 -04:00
Jay Berkenbilt
eb7948876b Fix problems found in fuzz corpus 2019-06-15 17:24:24 -04:00
Jay Berkenbilt
f561a5df32 Implement fuzzer with good coverage 2019-06-15 17:24:24 -04:00
Jay Berkenbilt
cf469d7890 Give up reading objects with too many consecutive errors 2019-06-15 08:52:19 -04:00
Jay Berkenbilt
cd830968ef Eliminate one potential integer overflow
There are more to handle, but this resolves an issue already caught by
oss-fuzz.
2019-06-15 08:52:19 -04:00
Jay Berkenbilt
d0b26b8337 oss-fuzz-build: support branch switching 2019-06-14 11:05:48 -04:00
Jay Berkenbilt
3d03024ab2 oss-fuzz initial integration 2019-06-13 09:28:38 -04:00
Jay Berkenbilt
d263a0493a TODO 2019-06-12 14:53:44 -04:00
Marco Scarpetta
b405e5e1c9 Fix typo (#334) 2019-06-12 14:21:33 -04:00
Jay Berkenbilt
3a180a0591 Commit forgotten test files 2019-06-09 18:11:37 -04:00
Jay Berkenbilt
31bde2f9d7 Handle empty DecodeParams array for (fixes #331)
On read, ignore /DecodeParms when empty list; on write, delete it.
Some files have been found that include an empty list for
/DecodeParms, but this is not technically compliant with the spec, and
the only sensible interpretation is to treat it as if there are no
decode parameters.
2019-06-09 17:19:49 -04:00
Jay Berkenbilt
74cc3440df Regenerate autofiles 2019-05-18 09:00:08 -04:00
Jay Berkenbilt
b1a78be1a8 Prepare 8.4.2 release 2019-05-18 08:56:37 -04:00
Jay Berkenbilt
e61ee88dd2 Provide link to public key file 2019-05-18 08:49:30 -04:00
Jay Berkenbilt
b9b7e34743 TODO 2019-05-16 17:20:59 -04:00
Jay Berkenbilt
b3f0dbff62 Fix Windows memory error (fixes #330) 2019-05-16 14:26:51 -04:00
Jay Berkenbilt
a323f6f49f Prepare 8.4.1 release 2019-04-27 20:44:20 -04:00
Jay Berkenbilt
03e27709f3 Improve Unicode filename testing
Remove dependency on the behavior of perl for reliable creation of
Unicode file names on Windows.
2019-04-27 20:37:33 -04:00
Jay Berkenbilt
7ff234a92f Remove stray comment 2019-04-27 20:37:33 -04:00
Jay Berkenbilt
7db5bc289b Fix typo 2019-04-22 09:37:23 -04:00
Jay Berkenbilt
81205e007b Spell check 2019-04-21 13:09:11 -04:00
Jay Berkenbilt
12b159118a Compare versions between CLI and library 2019-04-20 21:00:43 -04:00
Jay Berkenbilt
2b011f9d81 Add --remove-page-labels option (fixes #317) 2019-04-20 21:00:43 -04:00
Jay Berkenbilt
e50d5201df Add --keep-files-open-threshold (fixes #288) 2019-04-20 21:00:43 -04:00