Include tests for other infinite loop bugs

fixes #117
fixes #118
fixes #119
fixes #120

Several other infinite loop bugs were fixed by previous changes.
Include their test files in the test suite.

10 files changed, 21 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 613a0eaf..5be7129f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2017-07-26  Jay Berkenbilt  <ejb@ql.org>
 
+	* Fixes to infinite loops below also fix problems reported in
+	other issues and cover CVE-2017-11624, CVE-2017-11625,
+	CVE-2017-11626, and CVE-2017-11627.
+
 	* Don't attempt to interpret syntactic keywords (like R and
 	endobj) found while parsing content streams.
 
diff --git a/qpdf/qtest/qpdf.test b/qpdf/qtest/qpdf.test
index c0207019..242ee149 100644
--- a/qpdf/qtest/qpdf.test
+++ b/qpdf/qtest/qpdf.test
@@ -206,7 +206,7 @@ $td->runtest("remove page we don't have",
 show_ntests();
 # ----------
 $td->notify("--- Miscellaneous Tests ---");
-$n_tests += 82;
+$n_tests += 86;
 
 $td->runtest("qpdf version",
 	     {$td->COMMAND => "qpdf --version"},
@@ -225,6 +225,10 @@ foreach my $d (
     ["99b", "object 0"],
     ["100","xref reconstruction loop"],
     ["101", "resolve for exception text"],
+    ["117", "other infinite loop"],
+    ["118", "other infinite loop"],
+    ["119", "other infinite loop"],
+    ["120", "other infinite loop"],
     )
 {
     my ($n, $description) = @$d;
diff --git a/qpdf/qtest/qpdf/issue-117.out b/qpdf/qtest/qpdf/issue-117.out
new file mode 100644
index 00000000..46be2597
--- /dev/null
+++ b/qpdf/qtest/qpdf/issue-117.out
@@ -0,0 +1,6 @@
+WARNING: issue-117.pdf: file is damaged
+WARNING: issue-117.pdf: can't find startxref
+WARNING: issue-117.pdf: Attempting to reconstruct cross-reference table
+WARNING: issue-117.pdf (file position 66): loop detected resolving object 2 0
+WARNING: issue-117.pdf (object 2 0, file position 67): attempting to recover stream length
+attempt to make a stream into a direct object
diff --git a/qpdf/qtest/qpdf/issue-117.pdf b/qpdf/qtest/qpdf/issue-117.pdf
new file mode 100644
index 00000000..5fd8ee32
--- /dev/null
+++ b/qpdf/qtest/qpdf/issue-117.pdf
diff --git a/qpdf/qtest/qpdf/issue-118.out b/qpdf/qtest/qpdf/issue-118.out
new file mode 100644
index 00000000..52fe67e9
--- /dev/null
+++ b/qpdf/qtest/qpdf/issue-118.out
@@ -0,0 +1,2 @@
+WARNING: issue-118.pdf (file position 732): loop detected resolving object 2 0
+issue-118.pdf (xref stream: object 8 0, file position 732): supposed object stream 2 is not a stream
diff --git a/qpdf/qtest/qpdf/issue-118.pdf b/qpdf/qtest/qpdf/issue-118.pdf
new file mode 100644
index 00000000..5dc05f6d
--- /dev/null
+++ b/qpdf/qtest/qpdf/issue-118.pdf
diff --git a/qpdf/qtest/qpdf/issue-119.out b/qpdf/qtest/qpdf/issue-119.out
new file mode 100644
index 00000000..bc6ffb3e
--- /dev/null
+++ b/qpdf/qtest/qpdf/issue-119.out
@@ -0,0 +1,2 @@
+WARNING: issue-119.pdf (file position 336): loop detected resolving object 4 0
+issue-119.pdf (file position 298): dictionary key is not not a name token
diff --git a/qpdf/qtest/qpdf/issue-119.pdf b/qpdf/qtest/qpdf/issue-119.pdf
new file mode 100644
index 00000000..829ca7af
--- /dev/null
+++ b/qpdf/qtest/qpdf/issue-119.pdf
diff --git a/qpdf/qtest/qpdf/issue-120.out b/qpdf/qtest/qpdf/issue-120.out
new file mode 100644
index 00000000..02f41135
--- /dev/null
+++ b/qpdf/qtest/qpdf/issue-120.out
@@ -0,0 +1,2 @@
+WARNING: issue-120.pdf (file position 85): loop detected resolving object 3 0
+issue-120.pdf (object 6 0, file position 85): supposed object stream 3 is not a stream
diff --git a/qpdf/qtest/qpdf/issue-120.pdf b/qpdf/qtest/qpdf/issue-120.pdf
new file mode 100644
index 00000000..fd8a5253
--- /dev/null
+++ b/qpdf/qtest/qpdf/issue-120.pdf