[Poppler-bugs] [Bug 64815] [TAGGEDPDF] Parse the Tagged-PDF document structure tree when present
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Jun 18 10:05:34 PDT 2013
https://bugs.freedesktop.org/show_bug.cgi?id=64815
--- Comment #21 from Albert Astals Cid <aacid at kde.org> ---
(In reply to comment #20)
> (In reply to comment #12)
> > [...] But I'll assume there's some tree structure parsing somewhere
> > because PDF are full of those trees, are we protecting against loop
> > in the tree somehow?
>
> I didn't see code in Poppler that would be particularly useful to parse
> the document structure tree. WRT loops in the structure tree, there is
> no protection and a malformed PDF file could potentially cause an
> infinite loop when parsing the tree. If I am understanding the PDF spec
> correctly, well-formed PDFs must not have loops in the tree. How critical
> would you say having protection against loops in the tree would be?
Quite critical, people usually spend their time writing such kind of pdf since
that way they can make us crash (heap exhaustion) and thus they can say
"whooooo i found a CVE in poppler"...
That's why we have in various places the passing of std::set<int> with the refs
of already parsed things in the tree so in case you find you have to process
something that is already in the set you know you found a loop and simply bail
out.
It should not be very hard to add so it'd be cool if you could add it.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/poppler-bugs/attachments/20130618/ebd5d3e6/attachment-0001.html>
More information about the Poppler-bugs
mailing list