File podofo_security-fixes-validate-more-encrypt-dic... of Package podofo.35911

Overview Repositories Revisions Requests Users Attributes Meta

File podofo_security-fixes-validate-more-encrypt-dictionary-parameters.patch of Package podofo.35911

commit 8f514d69b4ac3c9aa9f725fa93486fe4b7876642
Author: Francesco Pretto <ceztko@gmail.com>
Date:   Wed Jun 28 10:20:35 2023 +0200

PdfEncrypt: Validate more encrypt dictionary parameters
    
    This was discussed in https://github.com/podofo/podofo/issues/72#issuecomment-1521737241

--- src/base/PdfEncrypt.cpp
+++ src/base/PdfEncrypt.cpp
@@ -1188,6 +1188,13 @@
     m_eKeyLength = static_cast<EPdfKeyLength>(length);
     m_keyLength  = length/8;
 	m_bEncryptMetadata = encryptMetadata;
+
+    if (oValue.GetLength() < 32)
+        PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidEncryptionDict, "/O value is invalid");
+
+    if (uValue.GetLength() < 32)
+        PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidEncryptionDict, "/U value is invalid");
+
     memcpy( m_oValue, oValue.GetString(), 32 );
     memcpy( m_uValue, uValue.GetString(), 32 );
     
@@ -1919,6 +1926,22 @@
     m_eKeyLength = ePdfKeyLength_256;
     m_keyLength  = ePdfKeyLength_256 / 8;
     m_rValue	 = 5;
+
+    if (oValue.GetLength() < 48)
+        PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidEncryptionDict, "/O value is invalid");
+
+    if (oeValue.GetLength() < 32)
+        PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidEncryptionDict, "/OE value is invalid");
+
+    if (uValue.GetLength() < 48)
+        PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidEncryptionDict, "/U value is invalid");
+
+    if (ueValue.GetLength() < 32)
+        PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidEncryptionDict, "/UE value is invalid");
+
+    if (permsValue.GetLength() < 16)
+        PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidEncryptionDict, "/Perms value is invalid");
+
     memcpy( m_oValue, oValue.GetString(), 48 );
     memcpy( m_oeValue, oeValue.GetString(), 32 );
     memcpy( m_uValue, uValue.GetString(), 48 );

--- src/base/PdfString.cpp
+++ src/base/PdfString.cpp
@@ -778,6 +778,11 @@
 	return m_buffer;
 }
 
+const char* PdfString::GetString() const
+{
+    return m_buffer.GetBuffer();
+}
+
 #ifdef PODOFO_HAVE_UNISTRING_LIB
 
 pdf_long PdfString::ConvertUTF8toUTF16( const pdf_utf8* pszUtf8, pdf_utf16be* pszUtf16, pdf_long lLenUtf16 )

--- src/base/PdfString.h
+++ src/base/PdfString.h
@@ -215,7 +215,7 @@
      *  \see IsUnicode
      *  \see Length
      */
-    inline const char* GetString() const;
+    const char* GetString() const;
 
     /** The contents of the string can be read by this function.
      *
@@ -477,14 +477,6 @@
 }
 
 // -----------------------------------------------------
-// 
-// -----------------------------------------------------
-const char* PdfString::GetString() const
-{
-    return m_buffer.GetBuffer();
-}
-
-// -----------------------------------------------------
 // 
 // -----------------------------------------------------
 const pdf_utf16be* PdfString::GetUnicode() const

Places

File podofo_security-fixes-validate-more-encrypt-dictionary-parameters.patch of Package podofo.35911

Places