diff options
author | Jay Berkenbilt <ejb@ql.org> | 2019-06-21 23:37:33 +0200 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2019-06-21 23:56:24 +0200 |
commit | b07ad6794eea175ee7f4b8c505995bdb4f397ce6 (patch) | |
tree | 43ca23b83e514e7f1f2c362cfc1b6ca21c21593e /libqpdf/QPDFFormFieldObjectHelper.cc | |
parent | a35d4ce9ccb3eb5903df3d221fdfd9a0d1fb5c37 (diff) | |
download | qpdf-b07ad6794eea175ee7f4b8c505995bdb4f397ce6.tar.zst |
Fix bugs found by fuzz tests
* Several assertions in linearization were not always true; change
them to run time errors
* Handle a few cases of uninitialized objects
* Handle pages with no contents when doing form operations
* Handle invalid page tree nodes when traversing pages
Diffstat (limited to 'libqpdf/QPDFFormFieldObjectHelper.cc')
-rw-r--r-- | libqpdf/QPDFFormFieldObjectHelper.cc | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/libqpdf/QPDFFormFieldObjectHelper.cc b/libqpdf/QPDFFormFieldObjectHelper.cc index b3c61ce5..97257c85 100644 --- a/libqpdf/QPDFFormFieldObjectHelper.cc +++ b/libqpdf/QPDFFormFieldObjectHelper.cc @@ -43,6 +43,10 @@ QPDFObjectHandle QPDFFormFieldObjectHelper::getInheritableFieldValue(std::string const& name) { QPDFObjectHandle node = this->oh; + if (! node.isDictionary()) + { + return QPDFObjectHandle::newNull(); + } QPDFObjectHandle result(node.getKey(name)); std::set<QPDFObjGen> seen; while (result.isNull() && node.hasKey("/Parent")) @@ -896,7 +900,8 @@ QPDFFormFieldObjectHelper::generateTextAppearance( QPDFObjectHandle dr = getInheritableFieldValue("/DR"); font = getFontFromResource(dr, font_name); } - if (font.isDictionary() && + if (font.isInitialized() && + font.isDictionary() && font.getKey("/Encoding").isName()) { std::string encoding = font.getKey("/Encoding").getName(); |