diff options
| author | Ken Sharp <ken.sharp@artifex.com> | 2022-08-30 09:20:06 +0100 |
|---|---|---|
| committer | Ken Sharp <ken.sharp@artifex.com> | 2022-08-30 09:20:06 +0100 |
| commit | c96973654959228193cd45f1c76de22f96f0dda8 (patch) | |
| tree | 4a036de65628ddf5fbcbfc3a8e14c063f72880f2 /pdf/pdf_repair.c | |
| parent | 593cc12df5834bf0734b4196d7447e02414f5ba3 (diff) | |
| download | ghostpdl-c96973654959228193cd45f1c76de22f96f0dda8.tar.gz | |
GhostPDF - abort repair of ObjStm on error
OSS-fuzz 50747
The corrupted file has an ObjStm where the value of 'N', the number of
objects in the stream, is corrupted and huge. We read the objects from
a SubFileDecode, so we don't overrun, but we were ignoring the error
return and attempting to read a full 'N' objects.
There's really no point, corrupted ObjStms are more or less irreperable
so if we get an error, just stop.
This doesn't prevent a crash or any other problem, it just means we stop
handling an irreparable file more quickly.
Diffstat (limited to 'pdf/pdf_repair.c')
| -rw-r--r-- | pdf/pdf_repair.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pdf/pdf_repair.c b/pdf/pdf_repair.c index 17cdce5e6..22865fe67 100644 --- a/pdf/pdf_repair.c +++ b/pdf/pdf_repair.c @@ -423,9 +423,9 @@ int pdfi_repair_file(pdf_context *ctx) if (code == 0) { for (j=0;j < N; j++) { code = pdfi_read_bare_int(ctx, compressed_stream, &obj_num); - if (code == 0) + if (code <= 0) break; - if (code > 0) { + else { code = pdfi_read_bare_int(ctx, compressed_stream, &offset); if (code > 0) { if (obj_num < 1) { |