aboutsummaryrefslogtreecommitdiffstats
path: root/fuzz/qpdf_extra
diff options
context:
space:
mode:
authorm-holger <m-holger@kubitscheck.org>2024-01-17 11:39:06 +0100
committerm-holger <m-holger@kubitscheck.org>2024-01-17 11:39:06 +0100
commit6e3b7982dbcf8087374694253e0e248fbc6c6e3e (patch)
tree9dd7f6a56b669da65f3653ced2f1b449e3d4f79e /fuzz/qpdf_extra
parent0109e365decfdc2e8fbb920b4179d32daeeb96ae (diff)
downloadqpdf-6e3b7982dbcf8087374694253e0e248fbc6c6e3e.tar.zst
Fix incorrect handling of invalid negative object ids
Fix two errors introduced in #1110 and #1112. Since #1110, encountering the invalid indirect reference #1110 -2147483648 n R produces an integer underflow which, if undetected, immediately trigger a logic error. Since #1112, object -1 0 R may be incorrectly identified as an earlier generation of itself and deleted, invalidating a live iterator.
Diffstat (limited to 'fuzz/qpdf_extra')
-rw-r--r--fuzz/qpdf_extra/65773.fuzz1
-rw-r--r--fuzz/qpdf_extra/65777.fuzzbin0 -> 67 bytes
2 files changed, 1 insertions, 0 deletions
diff --git a/fuzz/qpdf_extra/65773.fuzz b/fuzz/qpdf_extra/65773.fuzz
new file mode 100644
index 00000000..2d0aabf5
--- /dev/null
+++ b/fuzz/qpdf_extra/65773.fuzz
@@ -0,0 +1 @@
+trailer<</Root<<[-2147483648 7 R 8 4 R]>>>> \ No newline at end of file
diff --git a/fuzz/qpdf_extra/65777.fuzz b/fuzz/qpdf_extra/65777.fuzz
new file mode 100644
index 00000000..066c960b
--- /dev/null
+++ b/fuzz/qpdf_extra/65777.fuzz
Binary files differ