diff options
author | Jay Berkenbilt <jberkenbilt@users.noreply.github.com> | 2024-01-17 14:44:50 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-17 14:44:50 +0100 |
commit | 6b80e0f14b296c21d38a92e25af72da9bf5757ae (patch) | |
tree | ec71b30c91925afeb0fd085a817582d9e104eab5 /libqpdf | |
parent | 87c07457e203bb0801ac3256de7bb61e79b6d01c (diff) | |
parent | ed43691bf3e1da1cefb7a4618cb809684040dd65 (diff) | |
download | qpdf-6b80e0f14b296c21d38a92e25af72da9bf5757ae.tar.zst |
Merge pull request #1127 from m-holger/parser
Tighten checks for invalid indirect references in QPDFParser
Diffstat (limited to 'libqpdf')
-rw-r--r-- | libqpdf/QPDFParser.cc | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/libqpdf/QPDFParser.cc b/libqpdf/QPDFParser.cc index 32c4f8e9..2551cf93 100644 --- a/libqpdf/QPDFParser.cc +++ b/libqpdf/QPDFParser.cc @@ -163,16 +163,15 @@ QPDFParser::parseRemainder(bool content_stream) throw std::logic_error("QPDFParser::parse called without context on an object " "with indirect references"); } - auto ref_og = QPDFObjGen( - QIntC::to_int(int_buffer[(int_count - 1) % 2]), - QIntC::to_int(int_buffer[(int_count) % 2])); - if (ref_og.isIndirect()) { + auto id = QIntC::to_int(int_buffer[(int_count - 1) % 2]); + auto gen = QIntC::to_int(int_buffer[(int_count) % 2]); + if (!(id < 1 || gen < 0 || gen >= 65535)) { // This action has the desirable side effect of causing dangling references // (references to indirect objects that don't appear in the PDF) in any parsed // object to appear in the object cache. - add(std::move(context->getObject(ref_og).obj)); + add(std::move(context->getObject(id, gen).obj)); } else { - QTC::TC("qpdf", "QPDFParser indirect with 0 objid"); + QTC::TC("qpdf", "QPDFParser invalid objgen"); addNull(); } int_count = 0; |