author | Jay Berkenbilt <ejb@ql.org> | 2013-10-05 11:52:42 +0200 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2013-10-10 01:50:09 +0200 |
commit | b097d7a81b5c9cb349fff5c1efe6a0c390025579 (patch) | |
tree | 482a8356cbe64ccafe9511d503f62874bed3f9a8 | |
parent | eb1b1264b46f02550201e3e5856ff575fa47a0f7 (diff) | |
download | qpdf-b097d7a81b5c9cb349fff5c1efe6a0c390025579.tar.zst |
Security: handle empty name in normalizeName
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | libqpdf/QPDF_Name.cc | 4 |
2 files changed, 9 insertions, 0 deletions
@@ -1,5 +1,10 @@ 2013-10-05 Jay Berkenbilt <ejb@ql.org> + * Security fix: properly handle empty strings in + QPDF_Name::normalizeName. The empty string is not a valid name + and would never be parsed as a name, so there were no known + conditions where this method could be called with an empty string. + * Security fix: perform additional argument sanity checks when reading bit streams.
diff --git a/libqpdf/QPDF_Name.cc b/libqpdf/QPDF_Name.cc
index 9adb25b5..26bd8263 100644
--- a/libqpdf/QPDF_Name.cc
+++ b/libqpdf/QPDF_Name.cc
@@ -16,6 +16,10 @@ QPDF_Name::~QPDF_Name()
 std::string
 QPDF_Name::normalizeName(std::string const& name)
 {
+ if (name.empty())
+ {
+ return name;
+ }
 std::string result;
 result += name[0];
 for (unsigned int i = 1; i < name.length(); ++i) |
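Review bot: The new guard in `QPDF_Name::normalizeName` returns the empty string unchanged, so a name that the ChangeLog entry itself calls invalid still flows on to whatever consumes the normalized form, and nothing in the hunk records whether callers may rely on that. A comment above the check would state the contract, for example `// An empty name has no first character to copy; return it as-is instead of indexing name[0].` The diffstat lists only ChangeLog and QPDF_Name.cc, so no regression test for the empty-name case appears to accompany the fix; one that calls `normalizeName("")` and expects `""` would pin the behaviour. The function body continues past the end of the hunk.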