octoleo/qpdf - qpdf - Vast Development Method

mirror of https://github.com/qpdf/qpdf.git synced 2024-11-01 03:12:29 +00:00

Author	SHA1	Message	Date
m-holger	9ac506509b	Merge pull request #1240 from m-holger/i1238 Fix QPDFOutlineDocumentHelper::resolveNamedDest (fixes #1238)	2024-07-18 22:24:16 +01:00
m-holger	30e187b458	Rename fuzz test case	2024-07-18 16:50:37 +01:00
m-holger	34729e37e0	Limit memory used by Pl_PNGFilter and Pl_TIFFPredictor during fuzzing	2024-07-18 16:50:30 +01:00
m-holger	fe1fffe8db	Change QPDF max_warnings into a hard limit Throw damagedFile if max_warnings is exceeded. Change qpdf_fuzzer warnings limit to limit to 500.	2024-07-18 16:50:08 +01:00
m-holger	bcf81a1423	Merge pull request #1242 from m-holger/fuzz Tighten page tree checks	2024-07-17 00:59:56 +01:00
m-holger	992b7911ce	Limit the number of warnings in json_fuzzer before giving up	2024-07-16 15:36:58 +01:00
m-holger	e14e828c3d	Add further fuzz tests	2024-07-16 14:52:09 +01:00
m-holger	25e11a444a	Throw an exception if the root of the pages tree misses the /Kids array	2024-07-16 14:44:47 +01:00
m-holger	7f2d76b78d	Remove non-dictionary objects from pages tree	2024-07-16 14:35:32 +01:00
m-holger	01353e114f	Merge pull request #1241 from m-holger/fuzz Add further sanity checks to QPDF::reconstruct_xref	2024-07-14 23:40:29 +01:00
m-holger	f3cbaafcac	Fix QPDFOutlineDocumentHelper::resolveNamedDest (fixes #1238 ) Handle case where named destination is a dictionary with /D entry. Test case is hand-edited outlines-with-old-root-dests.pdf with modified object 107.	2024-07-14 12:15:45 +01:00
m-holger	186fca6d8d	Add further sanity checks to QPDF::reconstruct_xref Run getAllPages as sanity check and throw an exception if too many warnings are generated or no pages are found.	2024-07-13 14:51:14 +01:00
m-holger	963574f27f	Refactor QPDFOutlineDocumentHelper::resolveNamedDest	2024-07-13 11:34:02 +01:00
m-holger	f4e468b180	Merge pull request #1239 from m-holger/fuzz Add further sanity check to QPDF::reconstruct_xref	2024-07-12 00:00:20 +01:00
m-holger	722148de3d	Further limit size of uncompressed JPEG for fuzzing Try a limit of 50MB. For very large limits processing time before damage is encountered may exceed oss-fuzz limits. Add further test cases.	2024-07-11 14:32:22 +01:00
m-holger	e914bbbbbc	Add further sanity check to QPDF::reconstruct_xref If reconstruct_xref generates more than 1000 warnings give up because the file is so severely damaged that there is very little point continuing.	2024-07-11 13:25:07 +01:00
m-holger	205bd6fb61	Merge pull request #1237 from m-holger/fuzz Add extra sanity check on pages tree	2024-07-11 01:02:27 +01:00
m-holger	c2c1618e08	Add extra sanity check on pages tree Reject non-dictionary Page and Pages objects. Also add additional qpdf_fuzzer test cases.	2024-07-10 19:03:23 +01:00
m-holger	1ec5d3daa8	Merge pull request #1236 from m-holger/fuzz Add additional xref reconstruction sanity checks and fuzz test cases	2024-07-10 00:29:37 +01:00
m-holger	2b6500ea17	In Pl_DCT::decompress refactor handling of corrupt data If throw_on_corrupt is set, use a custom implementation of libjeg's emit_message procedure to throw an exception when the first corrupt data warning is encountered.	2024-07-09 20:55:51 +01:00
m-holger	7172dbd4e0	Add additional fuzzer test cases Add test case for oss-fuzz 15471 and 69977a	2024-07-09 17:17:10 +01:00
m-holger	2e378d920d	Add additional sanity check during xref reconstruction Check that xref table is not empty after recovery. Empty xref tables disable other sanity checks.	2024-07-09 17:01:44 +01:00
m-holger	7445e0ac1e	Fix QPDF::setSuppressWarnings	2024-07-09 16:38:02 +01:00
m-holger	9ffa201422	Merge pull request #1234 from m-holger/dct_fuzz Fix Pl_DCT memory limit	2024-07-09 00:46:14 +01:00
m-holger	43004e3399	Fix Pl_DCT memory limit	2024-07-08 13:31:02 +01:00
m-holger	55216955b7	Merge pull request #1233 from m-holger/fuzz Add qpdf_fuzzer test case	2024-07-08 00:22:51 +01:00
m-holger	e76d668219	Add qpdf_fuzzer test case	2024-07-07 23:58:18 +01:00
m-holger	e9df787132	Merge pull request #1231 from m-holger/fuzz In QPDF::processXRefIndex check number of objects in subsection is > 0	2024-07-07 00:22:52 +01:00
m-holger	c1cd3ec8a0	In QPDF::processXRefIndex check number of objects in subsection is > 0 Fixes oss-fuzz 70055	2024-07-06 16:09:50 +01:00
m-holger	ce2deaf185	Merge pull request #1230 from m-holger/clean-dct-fuzz-changes Alternative clean dct fuzz changes	2024-07-06 06:10:27 +01:00
Jay Berkenbilt	7d478651d1	Ignore previous commit for git blame	2024-07-05 13:29:19 -04:00
Jay Berkenbilt	d7b909f97d	Normalize whitespace in ChangeLog	2024-07-05 13:28:49 -04:00
m-holger	f0ded6bca8	Add test case for self-referential object streams Previous test case was lost in #1221. Test file was created from object-stream.pdf by adding a reference to itself into object stream 1 0.	2024-07-04 20:40:47 +01:00
m-holger	edf3509b78	Treat corrupt JPEG streams as unfilterable	2024-07-04 17:06:42 +01:00
Jay Berkenbilt	598268f6ad	Add setMaxWarnings rather than using conditional compilation	2024-07-03 15:44:44 +01:00
Jay Berkenbilt	65bd8bc57d	Add DCT decompression config methods in favor of compile-time changes As a rule, we should avoid conditional compilation is it always causes code paths that are sometimes not even seen lexically by the compiler. Also, we want the actual code being fuzzed to be as close as possible to the real code. Conditional compilation is suitable to handle underlying system differences. Instead, favor configuration using callbacks or other methods that can be triggered in the places where they need to be exercised.	2024-07-03 15:43:38 +01:00
m-holger	b45e3420d6	Merge pull request #1228 from m-holger/fuzz7 Add further sanity and loop detection checks	2024-07-02 01:52:14 +01:00
m-holger	a367e56afc	In QPDF::resolveObjectsInStream avoid creating xref table entries Invalid entries are created when objects in the stream do not have an existing xref entry.	2024-07-02 01:16:23 +01:00
m-holger	6d640c569a	Add additional object id sanity checks Ensure objects with impossibly large ids are ignored.	2024-07-02 01:16:23 +01:00
m-holger	42c511198b	Suppress excessive warnings while fuzzing Add extra fuzz test case and amend memory limit for Pl_DCT.	2024-07-02 01:16:23 +01:00
m-holger	9081ac69cd	Merge pull request #1227 from m-holger/fuzz6 Refine #1225	2024-06-30 01:50:36 +01:00
m-holger	09492eea06	Merge pull request #1226 from m-holger/fuzz5 In QPDFOutlineObjectHelper detect loops in direct children	2024-06-30 01:50:16 +01:00
m-holger	18c52640cc	Refine #1225	2024-06-29 14:47:03 +01:00
m-holger	0a081e1f09	In QPDFOutlineObjectHelper detect loops in direct children Also, add diagnostic messages in qpdf_fuzzer and additional fuzz test case.	2024-06-29 12:38:07 +01:00
m-holger	975fae1667	Merge pull request #1225 from m-holger/fuzz4 Limit memory used for JPEG decompression during fuzzing	2024-06-28 23:13:51 +01:00
m-holger	c93b149b4d	Limit memory used for JPEG decompression during fuzzing	2024-06-28 21:15:45 +01:00
m-holger	6ed2880405	Merge pull request #1224 from m-holger/fuzz3 Fix #1170	2024-06-27 08:47:42 +01:00
m-holger	732aab8610	Merge pull request #1222 from m-holger/fuzz2 In PL_DCT add option to limit the size of uncompressed corrupt data	2024-06-27 08:20:01 +01:00
m-holger	8ae3ef28ac	Fix #1170 In QPDF::read_xrefEntry add buffer overflow test for first eol character. Overlong f1 or f2 entries consisting only of zeros could cause a buffer overflow. Add fuzz testcase 69913.	2024-06-27 08:17:58 +01:00
m-holger	3d569e2171	Merge pull request #1221 from m-holger/fuzz Refine handling of severely damaged files	2024-06-27 01:18:37 +01:00

1 2 3 4 5 ...

3606 Commits