Commit Graph

1416 Commits

Author SHA1 Message Date
Jay Berkenbilt 9c44719f05 Exclude emacs backups in autogen.sh 2019-08-30 06:13:33 -04:00
Jay Berkenbilt d4c41e2624 TODO: update notes on ignored fuzz cases 2019-08-28 23:06:57 -04:00
Jay Berkenbilt 0e51a9aca6 Don't encrypt trailer, fixes fuzz issue 15983
Ordinarily the trailer doesn't contain any strings, so this is usually
a non-issue, but if the trailer contains strings, linearizing and
encrypting with object streams would include encrypted strings in the
trailer, which would blow out the padding because encrypted strings
are longer than their cleartext counterparts.
2019-08-28 23:06:32 -04:00
Jay Berkenbilt bb3ae14f04 More fuzzer notes 2019-08-28 23:06:32 -04:00
Jay Berkenbilt 47a38a942d Detect stream in object stream, fixing fuzz 16214
It's detected in QPDFWriter instead of at parse time because I can't
figure out how to construct a test case in a reasonable time. This
commit moves the fuzz file into the regular test suite for a QTC
coverage case.
2019-08-28 12:49:04 -04:00
Jay Berkenbilt 15248aa54b Safe pipeline pop fixed fuzz issue 15445 2019-08-27 22:27:47 -04:00
Jay Berkenbilt ba5fb69164 Make popping pipeline stack safer
Use destructors to pop the pipeline stack, and ensure that code that
pops the stack is actually popping the intended thing.
2019-08-27 22:27:47 -04:00
Jay Berkenbilt dadf8307c8 Fix fuzz issues 15316 and 15390 2019-08-27 20:39:06 -04:00
Jay Berkenbilt 456c285b02 Fix fuzz issue 16172 (overflow checking in OffsetInputSource) 2019-08-27 13:08:07 -04:00
Jay Berkenbilt ad8081daf5 Fix fuzz issue 15442 (overflow checking in BufferInputSource) 2019-08-27 11:26:25 -04:00
Jay Berkenbilt 9a095c5c76 Seek in two stages to avoid overflow
When seeking to a position based on a value read from the input, we are
prone to integer overflow (fuzz issue 15442). Seek in two stages to
move the overflow check into the input source code.
2019-08-27 11:26:25 -04:00
Jay Berkenbilt ac5e6de2e8 Fix fuzz issue 15387 (overflow checking xref size) 2019-08-27 11:26:25 -04:00
Jay Berkenbilt 6bc4cc3d48 Fix fuzz issue 15475 2019-08-25 22:52:25 -04:00
Jay Berkenbilt 94e86e2528 Fix fuzz issue 16301 2019-08-25 22:52:25 -04:00
Jay Berkenbilt 8721f189f8 Move qpdf_fuzzer tests to the end
This makes it faster to iterate on the other ones.
2019-08-25 22:52:25 -04:00
Jay Berkenbilt ecca87d73c Fuzz build: allow easy addition of test files 2019-08-25 22:52:25 -04:00
Jay Berkenbilt 9ebb55aff1 Include password match information in show encryption 2019-08-24 11:01:19 -04:00
Jay Berkenbilt 5da146c8b5 Track separately whether password was user/owner (fixes #159) 2019-08-24 11:01:19 -04:00
Jay Berkenbilt 5a0aef55a0 Split long line 2019-08-24 10:58:51 -04:00
Jay Berkenbilt 53930d96d0 Add some clarification to encryption in the manual
Per user suggestion in issue 351.
2019-08-23 21:27:41 -04:00
Jay Berkenbilt 2794bfb1a6 Add flags to control zlib compression level (fixes #113) 2019-08-23 20:34:21 -04:00
Jay Berkenbilt dac0598b94 Add ability to set zlib compression level globally 2019-08-23 20:34:21 -04:00
Jay Berkenbilt bda5d26894 Maintainer notes: don't use --disable-shared by default
This covers up forgetting to use QPDF_DLL and QPDF_DLL_CLASS.
2019-08-22 22:55:29 -04:00
Jay Berkenbilt 3f1ab64066 Pass offset and length to ParserCallbacks::handleObject 2019-08-22 22:54:29 -04:00
Jay Berkenbilt 4b2e72c4cd Test for direct, rather than resolved nulls in parser
Just because we know an indirect reference is null, doesn't mean we
shouldn't keep it indirect.
2019-08-22 17:55:16 -04:00
Jay Berkenbilt 3f3dbe22ea Remove array null flattening
For some reason, qpdf from the beginning was replacing indirect
references to null with literal null in arrays even after removing the
old behavior of flattening scalar references. This seems like a bad
idea.
2019-08-22 17:55:16 -04:00
Jay Berkenbilt 4b674b42e4 Mention name tokens in TokenFilter comments 2019-08-22 17:55:16 -04:00
Jay Berkenbilt 225cd9dac2 Protect against coding error of re-entrant parsing 2019-08-22 17:55:16 -04:00
Jay Berkenbilt ae5bd7102d Accept extraneous space before xref (fixes #341) 2019-08-19 22:24:53 -04:00
Jay Berkenbilt 8a9086a689 Accept extraneous space after stream keyword (fixes #329) 2019-08-19 21:43:44 -04:00
Jay Berkenbilt 43f91f58b8 Improve invalid name token warning message
This message used to only appear for PDF >= 1.2. The invalid name is
valid for PDF 1.0 and 1.1. However, since QPDFWriter may write a newer
version, it's better to detect and warn in all cases. Therefore make
the warning more informative.
2019-08-19 19:48:27 -04:00
Jay Berkenbilt 42d396f1dd Handle invalid name tokens symmetrically for PDF < 1.2 (fixes #332) 2019-08-19 19:48:27 -04:00
Jay Berkenbilt d9dd99eca3 Attempt to repair /Type key in pages nodes (fixes #349) 2019-08-18 18:54:37 -04:00
Jay Berkenbilt c032f7c972 Improve how qtest finds windows /bin 2019-08-18 15:46:01 -04:00
Jay Berkenbilt 89dacd8eba Array optimization fixes performance issues (fixes #305, #311) 2019-08-18 09:00:55 -04:00
Jay Berkenbilt 522d2b2227 Improve efficiency of fixDanglingReferences 2019-08-18 09:00:40 -04:00
Jay Berkenbilt 5187a3ec85 Shallow copy arrays without removing sparseness 2019-08-17 23:02:41 -04:00
Jay Berkenbilt bf7c6a8070 Use SparseOHArray in parsing 2019-08-17 23:02:41 -04:00
Jay Berkenbilt e5f504b6c5 Use SparseOHArray in QPDF_Array 2019-08-17 23:02:41 -04:00
Jay Berkenbilt a89d8a0677 Refactor QPDF_Array in preparation for using SparseOHArray 2019-08-17 23:02:41 -04:00
Jay Berkenbilt e83f3308fb SparseOHArray 2019-08-17 23:02:41 -04:00
Jay Berkenbilt 04419d7c32 Maintainer notes for using profiler 2019-08-17 10:17:20 -04:00
Jay Berkenbilt 8d7db4732b TODO: add note to outlines 2019-07-13 21:35:14 -04:00
Jay Berkenbilt 88c1956705 Update comment in PointerHolder 2019-07-13 21:34:46 -04:00
Thorsten Schöning 8f06da7534 Change list to vector for outline helpers (fixes #297)
This change works around STL problems with Embarcadero C++ Builder
version 10.2, but std::vector is more common than std::list in qpdf,
and this is a relatively new API, so an API change is tolerable.

Thanks to Thorsten Schöning <6223655+ams-tschoening@users.noreply.github.com>
for the fix.
2019-07-03 20:08:47 -04:00
Jay Berkenbilt 4db1de97ce Convert some cases of logic_error to runtime_error
There were a few cases that could be caused by invalid input rather
than bugs in the code which were throwing logic_error instead of
runtime_error.
2019-06-25 12:43:06 -04:00
Jay Berkenbilt 201e8798d7 Convert previously overlooked static cast to QIntC 2019-06-25 12:43:06 -04:00
Jay Berkenbilt 0ae344d002 Add fuzzers to exercise specific pipeline classes 2019-06-23 15:37:21 -04:00
Jay Berkenbilt 43ff34b49c Update TODO 2019-06-23 14:57:10 -04:00
Jay Berkenbilt 04f45cf652 Treat all linearization errors as warnings
This also reverts the addition of a new checkLinearization that
distinguishes errors from warnings. There's no practical distinction
between what was considered an error and what was considered a
warning.
2019-06-23 13:45:45 -04:00