1. Make class final
2. Pass og parameter by value
3. Properly initialize qpdf and og
Also, tweak QPDF::replaceObject to allow stream replacement without
violating the requirement that streams must always be indirect objects.
Also, remove QPDF::reserveStream as it does not do what the name implies
and having this as a separate methods does not aid code readability.
QPDF::read_xrefTable ignores type 0 entries for objects in a section if an
associates XRefStm has an entry for the same object.
The spec states:
When the conforming reader searches for an object, if an entry is not
found in any given standard cross-reference section, the search shall
proceed to a cross-reference stream specified by the XRefStm entry
before looking in the previous cross-reference section,
If a deleted entry is found in a section, the XRefStm is not searched
according to the standard.
Create unresolved objects only for objects in the xref table (except during
parsing of the xref table). Do not add indirect nulls into the the object
cache as the result of a cache miss during a call to getObject except
during parsing or creation/updating from JSON. To support this behaviour,
add new private methods getObjectForParser and getObjectForJSON.
As a result of this change, dangling references are treated as direct nulls
rather than indirect nulls.
Prepare for treating indirect references differently depending on whether
we are parsing a PDF file (in which case reference to objects not in the
xref table are null even if they are in the object cache) or whether parse
from user code (in which case an indirect reference can refer to a user
created object).
As a rule, we should avoid conditional compilation is it always causes
code paths that are sometimes not even seen lexically by the compiler.
Also, we want the actual code being fuzzed to be as close as possible
to the real code. Conditional compilation is suitable to handle
underlying system differences.
Instead, favor configuration using callbacks or other methods that can
be triggered in the places where they need to be exercised.
In QPDF::read_xrefEntry add buffer overflow test for first eol character.
Overlong f1 or f2 entries consisting only of zeros could cause a buffer
overflow.
Add fuzz testcase 69913.
Apply temporary fix to deal with fuzz case 68915.
(Error is an integer overflow which would immediately cause a runtime error
as a result of a call to QInitCQIntC::to_size.)
Move reading of the entry from read_xrefTable to parse_xrefEntry.
Split parse_xrefEntry into two new methods read_xrefEntry and
read_bad_xrefEntry. read_xrefEntry is optimised for reading
correct entries. To handle incorrect entries it calls read_bad_xrefEntry,
which is largely unchanged from parse_xrefEntry.