[poppler] poppler/Decrypt.cc
Albert Astals Cid
aacid at kemper.freedesktop.org
Fri May 25 21:07:34 UTC 2018
poppler/Decrypt.cc | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
New commits:
commit 68c5977980a60b2fbac0a5938e697cf09f37b0a2
Author: Albert Astals Cid <aacid at kde.org>
Date: Fri May 25 23:06:53 2018 +0200
BaseCryptStream: Initialize all of objKey
fixes oss-fuzz/8493
diff --git a/poppler/Decrypt.cc b/poppler/Decrypt.cc
index 2e599bcd..9577b655 100644
--- a/poppler/Decrypt.cc
+++ b/poppler/Decrypt.cc
@@ -311,14 +311,16 @@ BaseCryptStream::BaseCryptStream(Stream *strA, Guchar *fileKey, CryptAlgorithm a
int keyLength, int objNum, int objGen):
FilterStream(strA)
{
- int i;
-
algo = algoA;
// construct object key
- for (i = 0; i < keyLength; ++i) {
+ for (int i = 0; i < keyLength; ++i) {
objKey[i] = fileKey[i];
}
+ for (std::size_t i = keyLength; i < sizeof(objKey); ++i) {
+ objKey[i] = 0;
+ }
+
switch (algo) {
case cryptRC4:
if (likely(keyLength < static_cast<int>(sizeof(objKey) - 4))) {
More information about the poppler
mailing list