Avoid buffer overrun copying digest

Converting a password to an encryption key is supposed to copy up to a certain number of bytes from a digest. Make sure never to copy more than the size of the digest.
author: Jay Berkenbilt <ejb@ql.org> 2015-02-21 23:30:45 +0100
committer: Jay Berkenbilt <ejb@ql.org> 2015-02-21 23:51:08 +0100
commit: 28a9df5119af12d6d97edf4fa97f88ce23865096 (patch)
tree: 194fbf3aebac4d2cd8250a581b6d7daca807c4b0 /ChangeLog
parent: c729e07d55c870e7e08f158f0a80a3d452c59cdc (diff)
download: qpdf-28a9df5119af12d6d97edf4fa97f88ce23865096.tar.zst
1 files changed, 5 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index c049bc3b..88def950 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 2015-02-21  Jay Berkenbilt  <ejb@ql.org>
 
+	* Prevent buffer overrun when converting a password to an
+	encryption key. Thanks to Gynvael Coldwind and Mateusz Jurczyk of
+	the Google Security Team for providing a sample file with this
+	problem.
+
 	* Ensure that arguments to "R" when parsing the file are direct
 	objects before trying to resolve them. This prevents specially
 	crafted files from causing qpdf to crash with a stack overflow.
author	Jay Berkenbilt <ejb@ql.org>	2015-02-21 23:30:45 +0100
committer	Jay Berkenbilt <ejb@ql.org>	2015-02-21 23:51:08 +0100
commit	28a9df5119af12d6d97edf4fa97f88ce23865096 (patch)
tree	194fbf3aebac4d2cd8250a581b6d7daca807c4b0 /ChangeLog
parent	c729e07d55c870e7e08f158f0a80a3d452c59cdc (diff)
download	qpdf-28a9df5119af12d6d97edf4fa97f88ce23865096.tar.zst