[poppler] [PATCH] Catalog::getNumPages(): validate page count
Jason Crain
jason at aquaticape.us
Fri Sep 11 06:10:31 PDT 2015
On 2015-09-11 06:59, Even Rouault wrote:
> Hi,
>
> here's a V2 implementing suggested changes.
>
> Best regards,
>
> Even
From 0001-Catalog-getNumPages-validate-page-count.patch:
> @@ -856,6 +856,18 @@ int Catalog::getNumPages()
> }
> } else {
> numPages = (int)obj.getNum();
> + if (numPages <= 0 ) {
> + error(errSyntaxError, -1,
> + "Invalid page count {0:d}", numPages);
> + numPages = 0;
> + }
> + else if (numPages > xref->getNumObjects()) {
> + error(errSyntaxError, -1,
> + "Page count ({0:d}) larger than number of objects
> ({1:d})",
> + numPages, xref->getNumObjects());
> + numPages = 0;
> + }
> +
> }
>
> catDict.free();
I know I said I liked the idea of comparing the number of pages to the
number
of objects, but on second thought, I think I could make a PDF that was
just
many copies of the same page so it would be a completely valid PDF that
has
more pages than objects. I don't know of a good way to validate the
page
count. Even going through the page tree might be hard to do right
without
leading to an infinite loop, in addition to being slow.
More information about the poppler
mailing list