File r1924-Add-PdfRecursionGuard-to-detect-recursion... of Package podofo.8856

Overview Repositories Revisions Requests Users Attributes Meta

File r1924-Add-PdfRecursionGuard-to-detect-recursions-in-XRef-tables.patch of Package podofo.8856

------------------------------------------------------------------------
r1924 | domseichter | 2018-04-30 20:28:12 +0200 (lun, 30 abr 2018) | 1 line

ADDED: #7 Patch by Mark Rogers to add PdfRecursionGuard to detect recursions in XRef tables

Index: src/base/PdfParser.cpp
===================================================================
--- src/base/PdfParser.cpp	(revision 1923)
+++ src/base/PdfParser.cpp	(revision 1924)
@@ -74,6 +74,44 @@
 
 long PdfParser::s_nMaxObjects = std::numeric_limits<long>::max();
 
+class PdfRecursionGuard
+{
+  // RAII recursion guard ensures m_nRecursionDepth is always decremented
+  // because the destructor is always called when control leaves a method
+  // via return or an exception.
+  // see http://en.cppreference.com/w/cpp/language/raii
+
+  // It's used like this in PdfParser methods
+  // PdfRecursionGuard guard(m_nRecursionDepth);
+
+  public:
+    PdfRecursionGuard( int& nRecursionDepth ) 
+    : m_nRecursionDepth(nRecursionDepth) 
+    { 
+        // be careful changing this limit - overflow limits depend on the OS, linker settings, and how much stack space compiler allocates
+        // 500 limit prevents overflow on Win7 with VC++ 2005 with default linker stack size (1000 caused overflow with same compiler/OS)
+        const int maxRecursionDepth = 500;
+
+        ++m_nRecursionDepth;
+
+        if ( m_nRecursionDepth > maxRecursionDepth )
+        {
+            // avoid stack overflow on documents that have circular cross references in /Prev entries
+            // in trailer and XRef streams (possible via a chain of entries with a loop)
+            PODOFO_RAISE_ERROR( ePdfError_InvalidXRef );
+        }    
+    }
+
+    ~PdfRecursionGuard() 
+    { 
+        --m_nRecursionDepth;    
+    }
+
+  private:
+    // must be a reference so that we modify m_nRecursionDepth in parent class
+    int& m_nRecursionDepth;
+};
+
 PdfParser::PdfParser( PdfVecObjects* pVecObjects )
     : PdfTokenizer(), m_vecObjects( pVecObjects ), m_bStrictParsing( false )
 
@@ -147,7 +185,7 @@
 
     m_bIgnoreBrokenObjects = false;
     m_nIncrementalUpdates = 0;
-    m_nReadNextTrailerLevel = 0;
+    m_nRecursionDepth = 0;
 }
 
 void PdfParser::ParseFile( const char* pszFilename, bool bLoadOnDemand )
@@ -514,17 +552,7 @@
 
 void PdfParser::ReadNextTrailer()
 {
-    // be careful changing this limit - overflow limits depend on the OS, linker settings, and how much stack space compiler allocates
-    // 500 limit prevents overflow on Win7 with VC++ 2005 with default linker stack size (1000 caused overflow with same compiler/OS)
-    const int maxReadNextTrailerLevel = 500;
-    
-    ++m_nReadNextTrailerLevel;
-    
-    if ( m_nReadNextTrailerLevel > maxReadNextTrailerLevel )
-    {
-        // avoid stack overflow on documents that have circular cross references in trailer
-        PODOFO_RAISE_ERROR( ePdfError_InvalidXRef );
-    }
+    PdfRecursionGuard guard(m_nRecursionDepth);
 
     // ReadXRefcontents has read the first 't' from "trailer" so just check for "railer"
     if( this->IsNextToken( "trailer" ) )
@@ -575,8 +603,6 @@
     {
         PODOFO_RAISE_ERROR( ePdfError_NoTrailer );
     }
-
-    --m_nReadNextTrailerLevel;
 }
 
 void PdfParser::ReadTrailer()
@@ -642,6 +668,8 @@
 
 void PdfParser::ReadXRefContents( pdf_long lOffset, bool bPositionAtEnd )
 {
+    PdfRecursionGuard guard(m_nRecursionDepth);
+
     long long nFirstObject = 0;
     long long nNumObjects  = 0;
 
@@ -894,6 +922,8 @@
 
 void PdfParser::ReadXRefStreamContents( pdf_long lOffset, bool bReadOnlyTrailer )
 {
+    PdfRecursionGuard guard(m_nRecursionDepth);
+
     m_device.Device()->Seek( lOffset );
 
     PdfXRefStreamParserObject xrefObject( m_vecObjects, m_device, m_buffer, &m_offsets );
Index: src/base/PdfParser.h
===================================================================
--- src/base/PdfParser.h	(revision 1923)
+++ src/base/PdfParser.h	(revision 1924)
@@ -591,7 +591,7 @@
     bool          m_bIgnoreBrokenObjects;
 
     int           m_nIncrementalUpdates;
-    int           m_nReadNextTrailerLevel;
+    int           m_nRecursionDepth;
 
     static long   s_nMaxObjects;

------------------------------------------------------------------------

Places

File r1924-Add-PdfRecursionGuard-to-detect-recursions-in-XRef-tables.patch of Package podofo.8856

Places