2
1
mirror of https://github.com/qpdf/qpdf.git synced 2024-11-16 09:37:08 +00:00
Commit Graph

674 Commits

Author SHA1 Message Date
Jay Berkenbilt
5e6dfc938e Prepare 9.1.rc1 release 2019-11-09 22:00:53 -05:00
Jay Berkenbilt
c4478e5249 Allow odd/even modifiers in numeric range (fixes #364) 2019-11-09 13:23:12 -05:00
Jay Berkenbilt
5508f74603 Allow /P in encryption dictionary to be positive (fixes #382)
Even though this is disallowed by the spec, files like this have been
encountered in the wild.
2019-11-09 12:33:15 -05:00
Jay Berkenbilt
127a957aee Allow runtime inspection/override of crypto provider 2019-11-09 09:53:42 -05:00
Jay Berkenbilt
88bedb41fe Implement gnutls crypto provider (fixes #218)
Thanks to Zdenek Dohnal <zdohnal@redhat.com> for contributing the code
used for the gnutls crypto provider.
2019-11-09 09:53:38 -05:00
Jay Berkenbilt
cc14523440 Update autoconf to support crypto selection 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
d0a53cd3ea Fix typos in configure.ac 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
c03ced09c0 Isolate source files used for native crypto 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
d1ffe46c04 AES_PDF: move CBC logic from pipeline to AES_PDF implementation 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
c8cda4f965 AES_PDF: switch to pluggable crypto 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
bb427bd117 SHA2: switch to pluggable crypto 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
eadc222ff9 Rename SHA2 implementation (non-bisectable) 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
4287fcc002 RC4: switch to pluggable crypto 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
0cdcd10228 Rename RC4 implementation (non-bisectable) 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
ce8f9b6608 MD5: switch to pluggable crypto 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
5c3e856e9f Rename MD5 implementation (non-bisectable)
Just rename MD5 -> MD5_native in place so that git annotate will show
the lines as having originated there.
2019-11-09 08:18:02 -05:00
Jay Berkenbilt
2de41856a0 QPDFCryptoProvider: initial implementation 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
700f5b961e Remove int type checks -- subsumed by C++-11 2019-11-09 08:18:02 -05:00
Jay Berkenbilt
653ce3550d Require C++-11
Includes updates to m4/ax_cxx_compile_stdcxx.m4 to make it work with
msvc, which supports C++-11 with no flags but doesn't set __cplusplus
to a recent value.
2019-11-09 08:18:02 -05:00
Jay Berkenbilt
9094fb1f8e Fix two additional fuzz test cases 2019-11-03 18:59:12 -05:00
Masamichi Hosoda
5a842792b6 Parse Contents in signature dictionary without encryption
Various PDF digital signing tools do not encrypt /Contents value in
signature dictionary. Adobe Acrobat Reader DC can handle a PDF with
the /Contents value not encrypted.

Write Contents in signature dictionary without encryption

Tests ensure that string /Contents are not handled specially when not
found in sig dicts.
2019-10-22 16:20:21 -04:00
Masamichi Hosoda
cdc46d78f4 Add QPDFObject::getParsedOffset() 2019-10-22 16:19:06 -04:00
Masamichi Hosoda
50b329ee9f Add QPDFWriter::getWrittenXRefTable() 2019-10-22 16:16:16 -04:00
Masamichi Hosoda
5cf4090aee Add QPDFWriter::getRenumberedObjGen() 2019-10-22 16:16:16 -04:00
Masamichi Hosoda
46ac3e21b3 Add QPDF::getXRefTable() 2019-10-22 16:16:16 -04:00
Masamichi Hosoda
06b818dcd3 Exclude signature dictionary from compressible objects
It seems better not to compress signature dictionaries. Various PDF
digital signing tools, including Adobe Acrobat Reader DC, do not
compress signature dictionaries.

Table 8.93 "Entries in a signature dictionary" in PDF 1.5 reference
describes that /ByteRange in the signature dictionary shall be used to
describe a digest that does not include the signature value
(/Contents) itself.

The byte ranges cannot be determined if the dictionary is compressed.
2019-10-22 16:16:16 -04:00
Masamichi Hosoda
5e0ba12687 Fix /Contents value representation in a signature dictionary
Table 8.93 "Entries in a signature dictionary" in PDF 1.5 reference
describes that the value of Contents entry is a hexadecimal string
representation when ByteRange is specified.

This commit makes QPDF always uses hexadecimal strings representation
instead of literal strings for it.
2019-10-22 16:16:16 -04:00
Jay Berkenbilt
3094955dee Prepare 9.0.2 release 2019-10-12 19:37:40 -04:00
Jay Berkenbilt
4ea940b03c Prepare 9.0.1 release 2019-09-20 07:38:18 -04:00
Jay Berkenbilt
685250d7d6 Correct reversed Rectangle coordinates (fixes #363) 2019-09-19 21:25:34 -04:00
Jay Berkenbilt
48b7de2cc3 Fix typo in comment 2019-09-19 21:04:32 -04:00
Jay Berkenbilt
8b1e307741 Warn for duplicated dictionary keys (fixes #345) 2019-09-19 20:22:34 -04:00
Jay Berkenbilt
bb83e65193 Fix fuzz issue 16953 (overflow checking in xref stream index) 2019-09-17 19:48:47 -04:00
Jay Berkenbilt
17d431dfd5 Fix integer type warnings for big-endian systems 2019-09-17 19:14:27 -04:00
Jay Berkenbilt
5462dfce31 Prepare 9.0.0 release 2019-08-31 20:07:36 -04:00
Jay Berkenbilt
babd12c9b2 Add methods QPDF::anyWarnings and QPDF::closeInputSource 2019-08-31 15:51:20 -04:00
Jay Berkenbilt
4fa7b1eb60 Add remove_file and rename_file to QUtil 2019-08-31 15:51:04 -04:00
Jay Berkenbilt
0e51a9aca6 Don't encrypt trailer, fixes fuzz issue 15983
Ordinarily the trailer doesn't contain any strings, so this is usually
a non-issue, but if the trailer contains strings, linearizing and
encrypting with object streams would include encrypted strings in the
trailer, which would blow out the padding because encrypted strings
are longer than their cleartext counterparts.
2019-08-28 23:06:32 -04:00
Jay Berkenbilt
47a38a942d Detect stream in object stream, fixing fuzz 16214
It's detected in QPDFWriter instead of at parse time because I can't
figure out how to construct a test case in a reasonable time. This
commit moves the fuzz file into the regular test suite for a QTC
coverage case.
2019-08-28 12:49:04 -04:00
Jay Berkenbilt
ba5fb69164 Make popping pipeline stack safer
Use destructors to pop the pipeline stack, and ensure that code that
pops the stack is actually popping the intended thing.
2019-08-27 22:27:47 -04:00
Jay Berkenbilt
dadf8307c8 Fix fuzz issues 15316 and 15390 2019-08-27 20:39:06 -04:00
Jay Berkenbilt
456c285b02 Fix fuzz issue 16172 (overflow checking in OffsetInputSource) 2019-08-27 13:08:07 -04:00
Jay Berkenbilt
ad8081daf5 Fix fuzz issue 15442 (overflow checking in BufferInputSource) 2019-08-27 11:26:25 -04:00
Jay Berkenbilt
9a095c5c76 Seek in two stages to avoid overflow
When seeing to a position based on a value read from the input, we are
prone to integer overflow (fuzz issue 15442). Seek in two stages to
move the overflow check into the input source code.
2019-08-27 11:26:25 -04:00
Jay Berkenbilt
ac5e6de2e8 Fix fuzz issue 15387 (overflow checking xref size) 2019-08-27 11:26:25 -04:00
Jay Berkenbilt
6bc4cc3d48 Fix fuzz issue 15475 2019-08-25 22:52:25 -04:00
Jay Berkenbilt
94e86e2528 Fix fuzz issue 16301 2019-08-25 22:52:25 -04:00
Jay Berkenbilt
5da146c8b5 Track separately whether password was user/owner (fixes #159) 2019-08-24 11:01:19 -04:00
Jay Berkenbilt
5a0aef55a0 Split long line 2019-08-24 10:58:51 -04:00
Jay Berkenbilt
2794bfb1a6 Add flags to control zlib compression level (fixes #113) 2019-08-23 20:34:21 -04:00