Detect recursion loops resolving objects (fixes #51)

During parsing of an object, sometimes parts of the object have to be resolved. An example is stream lengths. If such an object directly or indirectly points to the object being parsed, it can cause an infinite loop. Guard against all cases of re-entrant resolution of objects.
author: Jay Berkenbilt <ejb@ql.org> 2017-07-26 11:03:38 +0200
committer: Jay Berkenbilt <ejb@ql.org> 2017-07-26 12:24:07 +0200
commit: 701b518d5c56a1449825a3a37a716c58e05e1c3e (patch)
tree: bb4891231a8150bf3a2ccb56bca298df433210a0 /ChangeLog
parent: afe0242b263a9e1a8d51dd81e42ab6de2e5127eb (diff)
download: qpdf-701b518d5c56a1449825a3a37a716c58e05e1c3e.tar.zst
1 files changed, 5 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index f39c52c3..649e5aac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 2017-07-26  Jay Berkenbilt  <ejb@ql.org>
 
+	* Detect infinite loops while resolving objects. This could happen
+	if something inside an object that had to be resolved during
+	parsing, such as a stream length, recursively referenced the
+	object being resolved.
+
 	* CVE-2017-9208: Handle references to and appearance of object 0
 	as a special case. Object 0 is not allowed, and qpdf was using it
 	internally to represent direct objects.
author	Jay Berkenbilt <ejb@ql.org>	2017-07-26 11:03:38 +0200
committer	Jay Berkenbilt <ejb@ql.org>	2017-07-26 12:24:07 +0200
commit	701b518d5c56a1449825a3a37a716c58e05e1c3e (patch)
tree	bb4891231a8150bf3a2ccb56bca298df433210a0 /ChangeLog
parent	afe0242b263a9e1a8d51dd81e42ab6de2e5127eb (diff)
download	qpdf-701b518d5c56a1449825a3a37a716c58e05e1c3e.tar.zst