diff options
| author | Ken Sharp <ken.sharp@artifex.com> | 2022-08-30 09:20:06 +0100 |
|---|---|---|
| committer | Chris Liddell <chris.liddell@artifex.com> | 2022-09-02 15:59:07 +0100 |
| commit | 23cf50e0edf8012166677c61342bfae2fe3abff8 (patch) | |
| tree | 9a501d626737d80b8d4db2cb917917900159655d | |
| parent | 9f8b92bf33fb0bdd20ac2ce2e1164dbce30ac5fb (diff) | |
| download | ghostpdl-23cf50e0edf8012166677c61342bfae2fe3abff8.tar.gz | |
GhostPDF - abort repair of ObjStm on error
OSS-fuzz 50747
The corrupted file has an ObjStm where the value of 'N', the number of
objects in the stream, is corrupted and huge. We read the objects from
a SubFileDecode, so we don't overrun, but we were ignoring the error
return and attempting to read a full 'N' objects.
There's really no point, corrupted ObjStms are more or less irreperable
so if we get an error, just stop.
This doesn't prevent a crash or any other problem, it just means we stop
handling an irreparable file more quickly.
| -rw-r--r-- | pdf/pdf_repair.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pdf/pdf_repair.c b/pdf/pdf_repair.c index 17cdce5e6..22865fe67 100644 --- a/pdf/pdf_repair.c +++ b/pdf/pdf_repair.c @@ -423,9 +423,9 @@ int pdfi_repair_file(pdf_context *ctx) if (code == 0) { for (j=0;j < N; j++) { code = pdfi_read_bare_int(ctx, compressed_stream, &obj_num); - if (code == 0) + if (code <= 0) break; - if (code > 0) { + else { code = pdfi_read_bare_int(ctx, compressed_stream, &offset); if (code > 0) { if (obj_num < 1) { |