m-holger
c2c1618e08
Add extra sanity check on pages tree
...
Reject non-dictionary Page and Pages objects.
Also add additional qpdf_fuzzer test cases.
2024-07-10 19:03:23 +01:00
m-holger
1ec5d3daa8
Merge pull request #1236 from m-holger/fuzz
...
Add additional xref reconstruction sanity checks and fuzz test cases
2024-07-10 00:29:37 +01:00
m-holger
2b6500ea17
In Pl_DCT::decompress refactor handling of corrupt data
...
If throw_on_corrupt is set, use a custom implementation of libjeg's
emit_message procedure to throw an exception when the first corrupt data
warning is encountered.
2024-07-09 20:55:51 +01:00
m-holger
7172dbd4e0
Add additional fuzzer test cases
...
Add test case for oss-fuzz 15471 and 69977a
2024-07-09 17:17:10 +01:00
m-holger
2e378d920d
Add additional sanity check during xref reconstruction
...
Check that xref table is not empty after recovery. Empty xref tables
disable other sanity checks.
2024-07-09 17:01:44 +01:00
m-holger
7445e0ac1e
Fix QPDF::setSuppressWarnings
2024-07-09 16:38:02 +01:00
m-holger
9ffa201422
Merge pull request #1234 from m-holger/dct_fuzz
...
Fix Pl_DCT memory limit
2024-07-09 00:46:14 +01:00
m-holger
43004e3399
Fix Pl_DCT memory limit
2024-07-08 13:31:02 +01:00
m-holger
55216955b7
Merge pull request #1233 from m-holger/fuzz
...
Add qpdf_fuzzer test case
2024-07-08 00:22:51 +01:00
m-holger
e76d668219
Add qpdf_fuzzer test case
2024-07-07 23:58:18 +01:00
m-holger
e9df787132
Merge pull request #1231 from m-holger/fuzz
...
In QPDF::processXRefIndex check number of objects in subsection is > 0
2024-07-07 00:22:52 +01:00
m-holger
c1cd3ec8a0
In QPDF::processXRefIndex check number of objects in subsection is > 0
...
Fixes oss-fuzz 70055
2024-07-06 16:09:50 +01:00
m-holger
ce2deaf185
Merge pull request #1230 from m-holger/clean-dct-fuzz-changes
...
Alternative clean dct fuzz changes
2024-07-06 06:10:27 +01:00
Jay Berkenbilt
7d478651d1
Ignore previous commit for git blame
2024-07-05 13:29:19 -04:00
Jay Berkenbilt
d7b909f97d
Normalize whitespace in ChangeLog
2024-07-05 13:28:49 -04:00
m-holger
f0ded6bca8
Add test case for self-referential object streams
...
Previous test case was lost in #1221 . Test file was created from
object-stream.pdf by adding a reference to itself into object stream 1 0.
2024-07-04 20:40:47 +01:00
m-holger
edf3509b78
Treat corrupt JPEG streams as unfilterable
2024-07-04 17:06:42 +01:00
Jay Berkenbilt
598268f6ad
Add setMaxWarnings rather than using conditional compilation
2024-07-03 15:44:44 +01:00
Jay Berkenbilt
65bd8bc57d
Add DCT decompression config methods in favor of compile-time changes
...
As a rule, we should avoid conditional compilation is it always causes
code paths that are sometimes not even seen lexically by the compiler.
Also, we want the actual code being fuzzed to be as close as possible
to the real code. Conditional compilation is suitable to handle
underlying system differences.
Instead, favor configuration using callbacks or other methods that can
be triggered in the places where they need to be exercised.
2024-07-03 15:43:38 +01:00
m-holger
b45e3420d6
Merge pull request #1228 from m-holger/fuzz7
...
Add further sanity and loop detection checks
2024-07-02 01:52:14 +01:00
m-holger
a367e56afc
In QPDF::resolveObjectsInStream avoid creating xref table entries
...
Invalid entries are created when objects in the stream do not have
an existing xref entry.
2024-07-02 01:16:23 +01:00
m-holger
6d640c569a
Add additional object id sanity checks
...
Ensure objects with impossibly large ids are ignored.
2024-07-02 01:16:23 +01:00
m-holger
42c511198b
Suppress excessive warnings while fuzzing
...
Add extra fuzz test case and amend memory limit for Pl_DCT.
2024-07-02 01:16:23 +01:00
m-holger
9081ac69cd
Merge pull request #1227 from m-holger/fuzz6
...
Refine #1225
2024-06-30 01:50:36 +01:00
m-holger
09492eea06
Merge pull request #1226 from m-holger/fuzz5
...
In QPDFOutlineObjectHelper detect loops in direct children
2024-06-30 01:50:16 +01:00
m-holger
18c52640cc
Refine #1225
2024-06-29 14:47:03 +01:00
m-holger
0a081e1f09
In QPDFOutlineObjectHelper detect loops in direct children
...
Also, add diagnostic messages in qpdf_fuzzer and additional fuzz test case.
2024-06-29 12:38:07 +01:00
m-holger
975fae1667
Merge pull request #1225 from m-holger/fuzz4
...
Limit memory used for JPEG decompression during fuzzing
2024-06-28 23:13:51 +01:00
m-holger
c93b149b4d
Limit memory used for JPEG decompression during fuzzing
2024-06-28 21:15:45 +01:00
m-holger
6ed2880405
Merge pull request #1224 from m-holger/fuzz3
...
Fix #1170
2024-06-27 08:47:42 +01:00
m-holger
732aab8610
Merge pull request #1222 from m-holger/fuzz2
...
In PL_DCT add option to limit the size of uncompressed corrupt data
2024-06-27 08:20:01 +01:00
m-holger
8ae3ef28ac
Fix #1170
...
In QPDF::read_xrefEntry add buffer overflow test for first eol character.
Overlong f1 or f2 entries consisting only of zeros could cause a buffer
overflow.
Add fuzz testcase 69913.
2024-06-27 08:17:58 +01:00
m-holger
3d569e2171
Merge pull request #1221 from m-holger/fuzz
...
Refine handling of severely damaged files
2024-06-27 01:18:37 +01:00
m-holger
d83cf43811
In PL_DCT add option to limit the size of uncompressed corrupt data
...
Also, apply limit in dct_fuzzer
2024-06-26 11:57:29 +01:00
m-holger
3468ce362d
Bump version to 11.10.0
2024-06-26 11:57:02 +01:00
m-holger
4a8c821e3e
In QPDF::reconstruct_xref add sanity check for object ids
2024-06-25 15:46:47 +01:00
m-holger
e62973d277
In QPDF check for page tree after reading xref table
...
Also add new fuzz test case.
2024-06-25 15:18:54 +01:00
m-holger
9ed34aec10
Merge pull request #1216 from m-holger/fuzz
...
Amend fuzz future
2024-06-22 15:23:39 +01:00
m-holger
fff205dc7f
Try moving only files matching *_fuzzer* in fuzzer build
2024-06-22 10:19:30 +01:00
m-holger
af66bf5670
Bump version to 11.9.2
2024-06-21 17:33:38 +01:00
m-holger
295f62f041
Merge pull request #1170 from m-holger/readxref
...
Refactor QPDF::parse_xrefEntry
2024-06-19 20:08:44 +01:00
m-holger
6ad16cd1fd
In FUTURE make QPDFObjectHandle methods const and noexcept where possible
2024-06-19 10:34:01 +01:00
m-holger
f49f43fed1
Add separate FUTURE header file for QPDFObjectHandle
2024-06-19 10:34:01 +01:00
m-holger
9641626cae
Refactor resolving of objects
2024-06-19 10:34:01 +01:00
m-holger
ce5b864c53
Merge pull request #1201 from m-holger/xref_stream
...
QPDF::processXRefStream
2024-06-18 20:21:39 +01:00
m-holger
95ef3552da
Merge pull request #1202 from m-holger/wip
...
Update README-maintainer with wip / modernize qpdf
2024-06-18 19:36:45 +01:00
m-holger
71a4e66d99
Update README-maintainer with wip / modernize qpdf
2024-06-18 17:49:29 +01:00
Jay Berkenbilt
516d88566d
Merge pull request #1214 from jberkenbilt/fuzz-future
...
Fuzz future
2024-06-18 11:35:59 -04:00
Jay Berkenbilt
aaa6547335
Build all fuzzers with FUTURE=ON and FUTURE=OFF
2024-06-18 11:00:44 -04:00
Jay Berkenbilt
293203ac2d
Use more idiomatic OFF and ON with cmake
2024-06-18 10:55:19 -04:00