2
1
mirror of https://github.com/qpdf/qpdf.git synced 2024-11-10 07:11:07 +00:00
Commit Graph

40 Commits

Author SHA1 Message Date
m-holger
722148de3d Further limit size of uncompressed JPEG for fuzzing
Try a  limit of 50MB. For very large limits processing time before
damage is encountered may exceed oss-fuzz limits.
Add further test cases.
2024-07-11 14:32:22 +01:00
m-holger
2b6500ea17 In Pl_DCT::decompress refactor handling of corrupt data
If throw_on_corrupt is set, use a custom implementation of libjeg's
emit_message procedure to throw an exception when the first corrupt data
warning is encountered.
2024-07-09 20:55:51 +01:00
m-holger
43004e3399 Fix Pl_DCT memory limit 2024-07-08 13:31:02 +01:00
m-holger
edf3509b78 Treat corrupt JPEG streams as unfilterable 2024-07-04 17:06:42 +01:00
Jay Berkenbilt
65bd8bc57d Add DCT decompression config methods in favor of compile-time changes
As a rule, we should avoid conditional compilation is it always causes
code paths that are sometimes not even seen lexically by the compiler.
Also, we want the actual code being fuzzed to be as close as possible
to the real code. Conditional compilation is suitable to handle
underlying system differences.

Instead, favor configuration using callbacks or other methods that can
be triggered in the places where they need to be exercised.
2024-07-03 15:43:38 +01:00
m-holger
42c511198b Suppress excessive warnings while fuzzing
Add extra fuzz test case and amend memory limit for Pl_DCT.
2024-07-02 01:16:23 +01:00
m-holger
18c52640cc Refine #1225 2024-06-29 14:47:03 +01:00
m-holger
c93b149b4d Limit memory used for JPEG decompression during fuzzing 2024-06-28 21:15:45 +01:00
m-holger
d83cf43811 In PL_DCT add option to limit the size of uncompressed corrupt data
Also, apply limit in dct_fuzzer
2024-06-26 11:57:29 +01:00
m-holger
ae3642ce42 Code tidy - Clang-Tidy rule modernize-use-equals-default 2023-06-09 15:45:14 +01:00
m-holger
3c5700c255 Code tidy - reflow comments and strings 2023-06-02 16:00:40 +01:00
Jay Berkenbilt
60965d5f4d Rerun clang-format 2023-05-21 13:35:09 -04:00
m-holger
85d784952f Globally replace 'this->m->' with 'm->'
Using search and replace.
2023-05-21 14:42:34 +01:00
Jay Berkenbilt
d740c6ccce Rerun format_code (after merging clang-tidy PR) 2023-05-20 14:52:19 -04:00
m-holger
2fa581537b Use auto when initializing with a cast 2023-05-20 15:41:44 +01:00
m-holger
e28f4efb00 Replace deprecated C++ includes 2023-05-20 15:41:25 +01:00
m-holger
7f043fe88e Remove unused include directives 2023-05-20 15:37:41 +01:00
m-holger
2e6869483b Replace calls to QUtil::int_to_string with std::to_string 2022-09-21 15:57:14 -04:00
Jay Berkenbilt
21d6e3231f Make use of the new Pipeline methods in some places 2022-05-03 18:31:23 -04:00
Jay Berkenbilt
59f3e09edf Make Pipeline::write take an unsigned char const* (API change) 2022-05-03 18:31:22 -04:00
Jay Berkenbilt
75fe4f60c3 Use anonymous namespaces for file-private classes 2022-04-16 13:35:27 -04:00
Jay Berkenbilt
cdd0b4fb7d Use = default and = delete where possible in classes 2022-04-16 11:39:14 -04:00
Jay Berkenbilt
a68703b07e Replace PointerHolder with std::shared_ptr in library sources only
(patrepl and cleanpatch are my own utilities)

patrepl s/PointerHolder/std::shared_ptr/g {include,libqpdf}/qpdf/*.hh
patrepl s/PointerHolder/std::shared_ptr/g libqpdf/*.cc
patrepl s/make_pointer_holder/std::make_shared/g libqpdf/*.cc
patrepl s/make_array_pointer_holder/QUtil::make_shared_array/g libqpdf/*.cc
patrepl s,qpdf/std::shared_ptr,qpdf/PointerHolder, **/*.cc **/*.hh
git restore include/qpdf/PointerHolder.hh
cleanpatch
./format-code
2022-04-09 17:33:29 -04:00
Jay Berkenbilt
77e889495f Update some code manually to get better formatting results
Add comments to force line breaks, parenthesize function arguments
that are contatenated strings, etc. -- these kinds of changes improve
clang-format's results and also cause emacs cc-mode to match
clang-format. After this type of change, most of the time, when
clang-format and emacs disagree, clang-format is better.
2022-04-05 14:56:19 -04:00
Jay Berkenbilt
12f1eb15ca Programmatically apply new formatting to code
Run this:

for i in  **/*.cc **/*.c **/*.h **/*.hh; do
  clang-format < $i >| $i.new && mv $i.new $i
done
2022-04-04 08:10:40 -04:00
Jay Berkenbilt
40f1946df8 Replace PointerHolder arrays with shared_ptr arrays where possible
Replace PointerHolder arrays wherever it can be done without breaking ABI.
2022-02-07 17:38:22 -05:00
Jay Berkenbilt
9044a24097 PointerHolder: deprecate getPointer() and getRefcount()
Use get() and use_count() instead. Add #define
NO_POINTERHOLDER_DEPRECATION to remove deprecation markers for these
only.

This commit also removes all deprecated PointerHolder API calls from
qpdf's code except in PointerHolder's test suite, which must continue
to test the deprecated APIs.
2022-02-04 13:12:37 -05:00
Jay Berkenbilt
232f5fc9f3 Handle jpeg library fuzz false positives
The jpeg library has some assembly code that is missed by the compiler
instrumentation used by memory sanitization. There is a runtime
environment variable that is used to work around this issue.
2020-10-22 06:31:52 -04:00
Jay Berkenbilt
92d3cbecd4 Fix warnings reported by -Wshadow=local (fixes #431) 2020-04-16 12:41:43 -04:00
Jay Berkenbilt
79f6b4823b Convert remaining public classes to use Members pattern
Have classes contain only a single private member of type
PointerHolder<Members>. This makes it safe to change the structure of
the Members class without breaking binary compatibility. Many of the
classes already follow this pattern quite successfully. This brings in
the rest of the class that are part of the public API.
2019-06-22 10:13:27 -04:00
Jay Berkenbilt
d71f05ca07 Fix sign and conversion warnings (major)
This makes all integer type conversions that have potential data loss
explicit with calls that do range checks and raise an exception. After
this commit, qpdf builds with no warnings when -Wsign-conversion
-Wconversion is used with gcc or clang or when -W3 -Wd4800 is used
with MSVC. This significantly reduces the likelihood of potential
crashes from bogus integer values.

There are some parts of the code that take int when they should take
size_t or an offset. Such places would make qpdf not support files
with more than 2^31 of something that usually wouldn't be so large. In
the event that such a file shows up and is valid, at least qpdf would
raise an error in the right spot so the issue could be legitimately
addressed rather than failing in some weird way because of a silent
overflow condition.
2019-06-21 13:17:21 -04:00
Thorsten Schöning
2c704b99a1 Undefined functions because of missing std:: or header. (#295)
* [bcc32 Error] QPDF.cc(375): E2268 Call to undefined function 'atof'
  Full parser context
    QPDF.cc(358): parsing: void QPDF::parse(const char *)

* [bcc32 Error] QPDFTokenizer.cc(183): E2268 Call to undefined function 'strtol'
  Full parser context
    QPDFTokenizer.cc(163): parsing: void QPDFTokenizer::resolveLiteral()

* [bcc32 Error] pdf-split-pages.cc(52): E2268 Call to undefined function 'exit'
  Full parser context
    pdf-split-pages.cc(50): parsing: void usage()

* PR #295: Including "cstdlib" should be replaced with "stdlib.h" to be more consistent. At the same time I changed the order of the surrounding includes to reflect alphabetical order, because at some files this already have been the case.
2019-03-12 10:05:29 -04:00
Jay Berkenbilt
249e95f608 Fix test failure on MSVC 2017-09-15 23:09:04 -04:00
Jay Berkenbilt
6898bc8d98 Spell check 2017-09-15 23:09:04 -04:00
Jay Berkenbilt
f2ffb6968a Fix Windows compilation errors 2017-09-15 21:44:57 -04:00
Jay Berkenbilt
40ecba4172 Pl_DCT: Use custom source and destination managers (fixes #153)
Avoid calling jpeg_mem_src and jpeg_mem_dest. The custom destination
manager writes to the pipeline in smaller chunks to avoid having the
whole image in memory at once. The source manager works directly with
the Buffer object. Using customer managers avoids use of memory source
and destination managers, which are not present in older versions of
libjpeg still in use by some Linux distributions.
2017-09-07 22:59:11 -04:00
Jay Berkenbilt
e999bbae43 Fix memory leak with bad jpeg data 2017-08-28 22:16:45 -04:00
Jay Berkenbilt
83ec09f66c Do memory checks
Slightly improve memory cleanup in Pl_DCT
Make it easier to test with valgrind
2017-08-22 14:13:10 -04:00
Jay Berkenbilt
caf5e39c2e Fix compiler warnings for clang/mac OS X 2017-08-22 14:13:10 -04:00
Jay Berkenbilt
ae90d2c485 Implement Pl_DCT pipeline
Additional testing is added in later commits to be supported by
additional changes in the library.
2017-08-21 17:44:02 -04:00