[poppler] 3 commits - fofi/FoFiBase.cc fofi/FoFiTrueType.cc goo/GooString.cc poppler/Decrypt.cc poppler/Stream.h poppler/XRef.cc
Albert Astals Cid
aacid at kemper.freedesktop.org
Mon Sep 5 14:11:42 UTC 2016
fofi/FoFiBase.cc | 2 ++
fofi/FoFiTrueType.cc | 7 +++++--
goo/GooString.cc | 2 +-
poppler/Decrypt.cc | 12 +++++++++++-
poppler/Stream.h | 5 +++--
poppler/XRef.cc | 3 ++-
6 files changed, 24 insertions(+), 7 deletions(-)
New commits:
commit 67df1e16d7ae87e8b05c3186063cb925a799790a
Author: Albert Astals Cid <aacid at kde.org>
Date: Mon Sep 5 16:10:58 2016 +0200
Check we don't overflow in some calculations
Overflow is undefined behaviour
diff --git a/fofi/FoFiBase.cc b/fofi/FoFiBase.cc
index 86bafd8..07f8164 100644
--- a/fofi/FoFiBase.cc
+++ b/fofi/FoFiBase.cc
@@ -196,6 +196,8 @@ Guint FoFiBase::getUVarBE(int pos, int size, GBool *ok) {
GBool FoFiBase::checkRegion(int pos, int size) {
return pos >= 0 &&
+ pos < INT_MAX - size &&
+ size < INT_MAX - pos &&
pos + size >= pos &&
pos + size <= len;
}
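Review bot: In the first added line, `INT_MAX - size` is evaluated before anything establishes that `size` is non-negative, so a negative `size` makes that subtraction overflow, which is the undefined behaviour this commit sets out to remove. Adding `size >= 0 &&` directly after `pos >= 0 &&` closes that gap. Once both operands are known to be non-negative, the two added comparisons are equivalent to each other and the older `pos + size >= pos` test is redundant. The strict `<` also rejects a region ending exactly at INT_MAX, which is harmless but could be `<=`. The hunk does not show whether this file includes a header that defines INT_MAX.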
diff --git a/fofi/FoFiTrueType.cc b/fofi/FoFiTrueType.cc
index 11699dd..e914a87 100644
--- a/fofi/FoFiTrueType.cc
+++ b/fofi/FoFiTrueType.cc
@@ -1359,8 +1359,11 @@ void FoFiTrueType::parse() {
tables[j].checksum = getU32BE(pos + 4, &parsedOk);
tables[j].offset = (int)getU32BE(pos + 8, &parsedOk);
tables[j].len = (int)getU32BE(pos + 12, &parsedOk);
- if (tables[j].offset + tables[j].len >= tables[j].offset &&
- tables[j].offset + tables[j].len <= len) {
+ if (unlikely((tables[j].offset < 0) ||
+ (tables[j].len < 0) ||
+ (tables[j].offset < INT_MAX - tables[j].len) ||
+ (tables[j].len > INT_MAX - tables[j].offset) ||
+ (tables[j].offset + tables[j].len >= tables[j].offset && tables[j].offset + tables[j].len <= len))) {
// ignore any bogus entries in the table directory
++j;
}
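Review bot: The rewritten condition joins the rejection tests and the acceptance test with `||`, so the `++j` that keeps a table entry now runs when `offset < 0` or `len < 0`. In addition, `tables[j].offset < INT_MAX - tables[j].len` is true for almost every small non-negative pair, so it short-circuits before `offset + len <= len` is ever checked. The removed lines kept an entry only when it lay inside the file, and the comment in the block still says bogus entries are ignored, so the tests look inverted; out-of-range offsets kept here would presumably be trusted by later table reads. An accept-only form would be `if (tables[j].offset >= 0 && tables[j].len >= 0 && tables[j].len <= INT_MAX - tables[j].offset && tables[j].offset + tables[j].len <= len) {`, without `unlikely`, since a valid entry is the expected case. `parse()` starts and ends outside this hunk.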
commit 7024b3c97df1815a4f1c9f677dc05dcf5ee72c3d
Author: Albert Astals Cid <aacid at kde.org>
Date: Mon Sep 5 16:09:34 2016 +0200
No need to do a memcpy of an empty string
Saves some warnings about memcpy of null strings on some broken documents
diff --git a/goo/GooString.cc b/goo/GooString.cc
index de9c93c..fb68e27 100644
--- a/goo/GooString.cc
+++ b/goo/GooString.cc
@@ -163,7 +163,7 @@ void inline GooString::resize(int newLength) {
// assert(s != s1) the roundedSize condition ensures this
if (newLength < length) {
memcpy(s1, s, newLength);
- } else {
+ } else if (length > 0) {
memcpy(s1, s, length);
}
if (s != sStatic)
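Review bot: The new `length > 0` guard has no comment saying why it is there, so a later reader could take it for a micro-optimisation and fold it back into a plain `else`. Going by the commit message, `s` can be null while `length` is 0, and passing a null pointer to memcpy is undefined even for a zero-byte copy. A line such as `// s may be NULL when length == 0; memcpy must not be given a null source` above the `else if` would record that. `resize()` begins and ends outside this hunk.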
commit a902f5983e6802c9346569fcc599cf5f5042bd8d
Author: Albert Astals Cid <aacid at kde.org>
Date: Mon Sep 5 16:08:17 2016 +0200
initialize XRef::encryptAlgorithm to something
diff --git a/poppler/Decrypt.cc b/poppler/Decrypt.cc
index cfc9676..c8246fa 100644
--- a/poppler/Decrypt.cc
+++ b/poppler/Decrypt.cc
@@ -14,7 +14,7 @@
// under GPL version 2 or later
//
// Copyright (C) 2008 Julien Rebetez <julien at fhtagn.net>
-// Copyright (C) 2008, 2010 Albert Astals Cid <aacid at kde.org>
+// Copyright (C) 2008, 2010, 2016 Albert Astals Cid <aacid at kde.org>
// Copyright (C) 2009 Matthias Franz <matthias at ktug.or.kr>
// Copyright (C) 2009 David Benjamin <davidben at mit.edu>
// Copyright (C) 2012 Fabio D'Urso <fabiodurso at hotmail.it>
@@ -349,6 +349,8 @@ BaseCryptStream::BaseCryptStream(Stream *strA, Guchar *fileKey, CryptAlgorithm a
case cryptAES256:
objKeyLength = keyLength;
break;
+ case cryptNone:
+ break;
}
charactersRead = 0;
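Review bot: The new `case cryptNone:` arm in the BaseCryptStream constructor leaves `objKeyLength` unassigned, whereas the arm just above it sets it from `keyLength`. If nothing outside this hunk initialises the member, any later read of it for a `cryptNone` stream uses an indeterminate value; assigning `objKeyLength = 0;` in the new arm would make the state defined. The same empty arm is added to `EncryptStream::reset()` and `DecryptStream::reset()`, where a short comment such as `// no cipher state to reset` would make the intent explicit. The constructor starts before this hunk.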
@@ -433,6 +435,8 @@ void EncryptStream::reset() {
state.aes256.bufIdx = 0;
state.aes256.paddingReached = gFalse;
break;
+ case cryptNone:
+ break;
}
}
@@ -473,6 +477,8 @@ int EncryptStream::lookChar() {
c = state.aes256.buf[state.aes256.bufIdx++];
}
break;
+ case cryptNone:
+ break;
}
return (nextCharBuff = c);
}
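Review bot: With `algo == cryptNone`, the switch in `EncryptStream::lookChar()` now reaches `return (nextCharBuff = c);` without this arm assigning `c`, so the result depends entirely on how `c` was initialised above the hunk, which is not visible here. If `c` starts as EOF, the stream silently reads as empty rather than passing data through or reporting an error, which can hide a document whose encryption setup failed. A comment in the arm stating the intended result, for example `// no algorithm set: report EOF`, or an explicit `c = EOF;` there, would make the behaviour deliberate. The same applies to the identical arm added to `DecryptStream::lookChar()`.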
@@ -513,6 +519,8 @@ void DecryptStream::reset() {
}
state.aes256.bufIdx = 16;
break;
+ case cryptNone:
+ break;
}
}
@@ -554,6 +562,8 @@ int DecryptStream::lookChar() {
c = state.aes256.buf[state.aes256.bufIdx++];
}
break;
+ case cryptNone:
+ break;
}
return (nextCharBuff = c);
}
diff --git a/poppler/Stream.h b/poppler/Stream.h
index 8304b6c..07b3933 100644
--- a/poppler/Stream.h
+++ b/poppler/Stream.h
@@ -15,7 +15,7 @@
//
// Copyright (C) 2005 Jeff Muizelaar <jeff at infidigm.net>
// Copyright (C) 2008 Julien Rebetez <julien at fhtagn.net>
-// Copyright (C) 2008, 2010, 2011 Albert Astals Cid <aacid at kde.org>
+// Copyright (C) 2008, 2010, 2011, 2016 Albert Astals Cid <aacid at kde.org>
// Copyright (C) 2009 Carlos Garcia Campos <carlosgc at gnome.org>
// Copyright (C) 2009 Stefan Thomas <thomas at eload24.com>
// Copyright (C) 2010 Hib Eris <hib at hiberis.nl>
@@ -81,7 +81,8 @@ enum StreamColorSpaceMode {
enum CryptAlgorithm {
cryptRC4,
cryptAES,
- cryptAES256
+ cryptAES256,
+ cryptNone
};
//------------------------------------------------------------------------
diff --git a/poppler/XRef.cc b/poppler/XRef.cc
index 75fa52d..d9e6db5 100644
--- a/poppler/XRef.cc
+++ b/poppler/XRef.cc
@@ -15,7 +15,7 @@
//
// Copyright (C) 2005 Dan Sheridan <dan.sheridan at postman.org.uk>
// Copyright (C) 2005 Brad Hards <bradh at frogmouth.net>
-// Copyright (C) 2006, 2008, 2010, 2012-2014 Albert Astals Cid <aacid at kde.org>
+// Copyright (C) 2006, 2008, 2010, 2012-2014, 2016 Albert Astals Cid <aacid at kde.org>
// Copyright (C) 2007-2008 Julien Rebetez <julienr at svn.gnome.org>
// Copyright (C) 2007 Carlos Garcia Campos <carlosgc at gnome.org>
// Copyright (C) 2009, 2010 Ilya Gorenbein <igorenbein at finjan.com>
@@ -300,6 +300,7 @@ void XRef::init() {
rootNum = -1;
strOwner = gFalse;
xrefReconstructed = gFalse;
+ encAlgorithm = cryptNone;
}
XRef::XRef() {