author | Jay Berkenbilt <ejb@ql.org> | 2017-07-26 11:03:38 +0200 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2017-07-26 12:24:07 +0200 |
commit | 701b518d5c56a1449825a3a37a716c58e05e1c3e (patch) | |
tree | bb4891231a8150bf3a2ccb56bca298df433210a0 /ChangeLog | |
parent | afe0242b263a9e1a8d51dd81e42ab6de2e5127eb (diff) | |
download | qpdf-701b518d5c56a1449825a3a37a716c58e05e1c3e.tar.zst |
Detect recursion loops resolving objects (fixes #51)
During parsing of an object, sometimes parts of the object have to be
resolved. An example is stream lengths. If such an object directly or
indirectly points to the object being parsed, it can cause an infinite
loop. Guard against all cases of re-entrant resolution of objects.
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -1,5 +1,10 @@ 2017-07-26 Jay Berkenbilt <ejb@ql.org> + * Detect infinite loops while resolving objects. This could happen + if something inside an object that had to be resolved during + parsing, such as a stream length, recursively referenced the + object being resolved. + * CVE-2017-9208: Handle references to and appearance of object 0 as a special case. Object 0 is not allowed, and qpdf was using it internally to represent direct objects. |
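Review bot: the new ChangeLog entry names neither the issue it closes nor what qpdf does once a loop is detected. The commit subject says "fixes #51", and the neighbouring entry leads with its identifier (CVE-2017-9208), so adding "Fixes #51" to the new entry would keep the ChangeLog traceable in the same way. A short clause on the resulting behaviour, for example whether the re-entrant reference is reported as an error or as a warning, would tell people who run qpdf over untrusted PDFs what to expect. The diffstat here is limited to ChangeLog, so the guard itself cannot be checked from this view.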