mirror of https://github.com/qpdf/qpdf.git synced 2024-11-16 01:27:07 +00:00
Commit Graph

886 Commits

Author SHA1 Message Date
Jay Berkenbilt
ac3c81a8ed Include tests for other infinite loop bugs
fixes #117
fixes #118
fixes #119
fixes #120

Several other infinite loop bugs were fixed by previous changes.
Include their test files in the test suite.
2017-07-26 06:24:07 -04:00
Jay Berkenbilt
12db09898e Don't interpret word tokens in content streams (fixes #82) 2017-07-26 06:24:07 -04:00
Jay Berkenbilt
701b518d5c Detect recursion loops resolving objects (fixes #51)
During parsing of an object, sometimes parts of the object have to be
resolved. An example is stream lengths. If such an object directly or
indirectly points to the object being parsed, it can cause an infinite
loop. Guard against all cases of re-entrant resolution of objects.
2017-07-26 06:24:07 -04:00
Jay Berkenbilt
afe0242b26 Handle object ID 0 (fixes #99)
This is CVE-2017-9208.

The QPDF library uses object ID 0 internally as a sentinel to
represent a direct object, but prior to this fix, was not blocking
handling of 0 0 obj or 0 0 R as a special case. Creating an object in
the file with 0 0 obj could cause various infinite loops. The PDF spec
doesn't allow for object 0. Having qpdf handle object 0 might be a
better fix, but changing all the places in the code that assume objid
== 0 means direct would be risky.
2017-07-26 06:24:07 -04:00
Jay Berkenbilt
315092dd98 Avoid xref reconstruction infinite loop (fixes #100)
This is CVE-2017-9209.
2017-07-26 06:24:07 -04:00
Jay Berkenbilt
603f222365 Fix infinite loop while reporting an error (fixes #101)
This is CVE-2017-9210.

The description string for an error message included unparsing an
object, which is too complex of a thing to try to do while throwing an
exception. There was only one example of this in the entire codebase,
so it is not a pervasive problem. Fixing this eliminated one class of
infinite loop errors.
2017-07-26 06:24:07 -04:00
Jay Berkenbilt
bd6c845619 Fix typo in comment 2017-07-26 06:24:07 -04:00
Jay Berkenbilt
e0ee307a19 Updates for newer Windows toolchain 2017-07-26 06:24:07 -04:00
Jay Berkenbilt
d4d7612b5b Note about std::regex attempt 2016-12-27 14:34:18 -05:00
Jay Berkenbilt
e8b845dd03 install target: only install docs if building
Don't try to install HTML or PDF documentation if we're not building
docs.
2016-09-10 14:30:47 -04:00
Jay Berkenbilt
80988380cc Fix page range example in documentation 2016-09-10 10:56:21 -04:00
Thorsten Schöning
b3c08f4f8d C++-Builder supports 64 Bit file functions
The 64 Bit file functions are supported by C++-Builder as well and
need to be used, else fseek will error out on larger files than 4 GB
like used in the large file test.
2016-01-24 12:07:20 -05:00
Thorsten Schöning
7c08aa4280 Include QPDFExc.hh for use in std::list 2016-01-24 12:07:03 -05:00
Thorsten Schöning
bfb9341310 Use RM_WS_ONLY_LINES in test
Some compilers output extra newlines in some cases.
2016-01-24 12:05:22 -05:00
Thorsten Schöning
953e6f641f Include stdlib.h to provide exit 2016-01-24 12:05:02 -05:00
Thorsten Schöning
e0201c12cc Include QPDFObjectHandle for use in std::list
QPDFObjectHandle was used as forward declaration, but C++-Builder 10
Seattle can't use it in std::list in such cases because the type is
undefined.
2016-01-24 12:04:25 -05:00
Thorsten Schöning
d404360461 From qtest: add RM_WS_ONLY_LINES option
qutil.cc uses strerror to print some exceptions and adds a newline
afterwards, but strerror in Windows already adds one newline at the
end of the message and the additional one from std::endl breaks the
output vs. the expected one.
2016-01-24 11:58:33 -05:00
Jay Berkenbilt
15502013a9 Tweak wording of Thorsten's documentation updates 2016-01-24 11:52:09 -05:00
Thorsten Schöning
dded2ec063 Add notes for running more tests on Windows
Provide notes about LibTiff and such.
2016-01-24 11:52:09 -05:00
Thorsten Schöning
e80b6e3341 Support paths with spaces 2016-01-24 11:52:09 -05:00
Thorsten Schöning
eff935ab60 Use absolute paths for large file tests
Working with absolute paths makes debugging easier, but some called
scripts always need / as dir separator or won't work.
2016-01-24 11:52:09 -05:00
Thorsten Schöning
adbaa54ad4 Fix non-portable use of /dev/null
/dev/null is not portable, so use File::Spec instead, which provides
portable "paths" and especially "nul" on Windows. I changed all places
with hard coded /dev/null to be sure, while I think it only is a
problem in direct system calls, because the other executed commands go
to sh.exe from MSYS which itself should port /dev/null to NUL. The
tests still pass, so shouldn't have made any harm...
2016-01-24 11:52:09 -05:00
Thorsten Schöning
951dbc3b7f Fix expr syntax, support spaces in paths
expr needs ARG + ARG
quote paths to support spaces
2016-01-24 11:52:09 -05:00
Thorsten Schöning
3c1555a622 Explicitly invoke shell scripts with sh
Shebang doesn't work well on Windows.
2016-01-24 11:52:09 -05:00
Thorsten Schöning
8ae7001729 Useless use of a constant in void context
Remove an extraneous newline to avoid useless constant warning.
2016-01-24 11:51:38 -05:00
Jay Berkenbilt
b7302a9b72 Prepare 6.0.0 release 2015-11-10 12:48:52 -05:00
Jay Berkenbilt
1f4a67912c Bump library soname
Also update maintainer documentation on binary compatibility testing.
2015-11-10 12:42:37 -05:00
Jay Berkenbilt
e0e9d64674 Remove some ABI compatibility private methods
Since we have to bump soname, remove some private methods that were
just there for binary compatibility
2015-11-10 12:22:40 -05:00
Jay Berkenbilt
e5abc789a2 Prepare 5.2.0 release 2015-11-01 16:40:01 -05:00
Jay Berkenbilt
e066488306 Comment use of static ID in examples
Make sure people know that static ID should be used only for testing.
2015-11-01 16:40:01 -05:00
Jay Berkenbilt
8ddca96e2d Fix copyright year in manual 2015-10-31 19:10:19 -04:00
Jay Berkenbilt
ccc4f13509 Linearize manual 2015-10-31 19:10:19 -04:00
Jay Berkenbilt
0496ab1a6e Fix spelling errors 2015-10-31 18:56:43 -04:00
Jay Berkenbilt
b62cbe2508 Tolerate some mangled xref tables
If xref table entries lack the spec-required trailing whitespace or
contain a small amount of extra space, handle them anyway.
2015-10-31 18:56:43 -04:00
Jay Berkenbilt
f0b85a1eb1 Remove trailing whitespace 2015-10-31 18:56:43 -04:00
Jay Berkenbilt
b029555909 Bump soname minor revision for ABI additions 2015-10-31 18:56:43 -04:00
Jay Berkenbilt
b8bdef0ad1 Implement deterministic ID
For non-encrypted files, deterministic ID generation uses file contents
instead of timestamp and file name. At a small runtime cost, this
enables generation of the same /ID if the same inputs are converted in
the same way multiple times.
2015-10-31 18:56:42 -04:00
Jay Berkenbilt
607c392112 Mention debian copyright 2015-09-06 18:56:11 -04:00
Jay Berkenbilt
94e55394ed Prepare 5.1.3 release 2015-05-24 17:26:49 -04:00
Jay Berkenbilt
2d0cc34f98 Update documentation for 5.1.3 2015-05-24 17:26:49 -04:00
Jay Berkenbilt
f77acbdbba Copyright 2015 2015-05-24 17:26:49 -04:00
Jay Berkenbilt
82713c4afa Notes to self on local Windows build 2015-05-24 17:26:49 -04:00
Jay Berkenbilt
b356b9dfa2 fix-qdf: handle object streams with > 255 objects
fix-qdf was previously hard-coding the number of bytes for the f2
field of the xref stream entry. This addresses issue #37. Thanks
aluebcke for reporting.
2015-05-24 16:52:42 -04:00
Jay Berkenbilt
cf43882e9f Handle Microsoft crypt provider without prior keys
As reported in issue #40, a call to CryptAcquireContext in
SecureRandomDataProvider fails in a fresh windows install prior to any
user keys being created in AppData\Roaming\Microsoft\Crypto\RSA.

Thanks michalrames.
2015-05-24 16:52:42 -04:00
Jay Berkenbilt
857bb208d3 include time.h in QUtil.hh
QUtil.hh needs time.h to get time_t on some platforms. Thanks Peter
Korsgaard <peter@korsgaard.com>
2015-05-24 16:26:05 -04:00
Jay Berkenbilt
5c9c5d537b Update TODO with some small enhancements
There have been a few enhancements requested that only affect the qpdf
command line tool and that should be relatively quick to implement.
Work out the details and acknowledge these publicly in the TODO file.
2015-05-24 16:26:05 -04:00
Jay Berkenbilt
a11549a566 Detect loops in /Pages structure
Pushing inherited objects to pages and getting all pages were both
prone to stack overflow infinite loops if there were loops in the
Pages dictionary. There is a general weakness in the code in that any
part of the code that traverses the Pages structure would be prone to
this and would have to implement its own loop detection. A more robust
fix may provide some general method for handling the Pages structure,
but it's probably not worth doing.

Note: addition of *Internal2 private functions was done rather than
changing signatures of existing methods to avoid breaking
compatibility.
2015-02-21 19:47:11 -05:00
Jay Berkenbilt
28a9df5119 Avoid buffer overrun copying digest
Converting a password to an encryption key is supposed to copy up to a
certain number of bytes from a digest. Make sure never to copy more
than the size of the digest.
2015-02-21 17:51:08 -05:00
Jay Berkenbilt
c729e07d55 Avoid resolving arguments to R
When checking two objects preceding R while parsing, ensure that the
objects are direct. This avoids stuff like 1 0 obj containing 1 0 R 0 R
from causing an infinite loop in object resolution.
2015-02-21 17:51:08 -05:00
Jay Berkenbilt
d8900c2255 Handle page tree node with no /Type
Originally reported here:
https://bugs.launchpad.net/ubuntu/+source/qpdf/+bug/1397413

The PDF specification says that the /Type key for nodes in the pages
dictionary (both /Page and /Pages) is required, but some PDF files
omit them. Use the presence of other keys to determine the type of
pages tree node this is if the type key is not found.
2014-12-29 10:17:21 -05:00