authorJay Berkenbilt <ejb@ql.org>2019-08-21 18:50:36 +0200
committerJay Berkenbilt <ejb@ql.org>2019-08-22 23:55:16 +0200
commit225cd9dac27d685833156dfc249838cda11cd2ef (patch)
treec839a3bcc99c08150459ca24de5750f4e5a04e10 /libqpdf
parentae5bd7102da5d4b456f08790a0efc04c1c42b4a5 (diff)
Protect against coding error of re-entrant parsing
Diffstat (limited to 'libqpdf')
-rw-r--r--libqpdf/QPDF.cc15
-rw-r--r--libqpdf/QPDFObjectHandle.cc6
2 files changed, 20 insertions, 1 deletions
diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc
index 068630d1..1d54ef44 100644
--- a/libqpdf/QPDF.cc
+++ b/libqpdf/QPDF.cc
@@ -150,6 +150,7 @@ QPDF::Members::Members() :
reconstructed_xref(false),
fixed_dangling_refs(false),
immediate_copy_from(false),
+ in_parse(false),
first_xref_item_offset(0),
uncompressed_after_compressed(false)
{
@@ -417,6 +418,20 @@ QPDF::parse(char const* password)
}
void
+QPDF::inParse(bool v)
+{
+ if (this->m->in_parse == v)
+ {
+ // This happens of QPDFObjectHandle::parseInternal tries to
+ // resolve an indirect object while it is parsing.
+ throw std::logic_error(
+ "QPDF: re-entrant parsing detected. This is a qpdf bug."
+ " Please report at https://github.com/qpdf/qpdf/issues.");
+ }
+ this->m->in_parse = v;
+}
+
+void
QPDF::warn(QPDFExc const& e)
{
this->m->warnings.push_back(e);
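Review bot: The `if (this->m->in_parse == v)` test in `QPDF::inParse` also fires when the flag is cleared while already clear, so an unbalanced `inParse(false)` would be reported as "re-entrant parsing detected". If that call comes from the `ParseGuard` destructor (its definition is not in the files shown), the throw would end in `std::terminate`. Consider throwing only on entry, `if (v && this->m->in_parse)`, and keeping the clear path non-throwing. The new comment has a typo and should read `// This happens if QPDFObjectHandle::parseInternal tries to`. Since a malformed input file can presumably steer parsing into this path, the declaration should document that `std::logic_error`, not `QPDFExc`, reaches callers that process untrusted PDFs, so they catch it and fail closed.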
diff --git a/libqpdf/QPDFObjectHandle.cc b/libqpdf/QPDFObjectHandle.cc
index 1b3b64b0..6240395d 100644
--- a/libqpdf/QPDFObjectHandle.cc
+++ b/libqpdf/QPDFObjectHandle.cc
@@ -1714,7 +1714,11 @@ QPDFObjectHandle::parseInternal(PointerHolder<InputSource> input,
// This method must take care not to resolve any objects. Don't
// check the type of any object without first ensuring that it is
// a direct object. Otherwise, doing so may have the side effect
- // of reading the object and changing the file pointer.
+ // of reading the object and changing the file pointer. If you do
+ // this, it will cause a logic error to be thrown from
+ // QPDF::inParse().
+
+ QPDF::ParseGuard pg(context);
empty = false;