author | Jay Berkenbilt <ejb@ql.org> | 2017-07-26 10:30:32 +0200 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2017-07-26 12:24:07 +0200 |
commit | afe0242b263a9e1a8d51dd81e42ab6de2e5127eb | |
tree | 959baca5eaaac2e775aee3faa35ec52a29aa81ab /qtest/QTC | |
parent | 315092dd98d5230ef0efa18b294d464d0e9f79d0 | |

Handle object ID 0 (fixes #99)

This is CVE-2017-9208.

The QPDF library uses object ID 0 internally as a sentinel to
represent a direct object, but prior to this fix, was not blocking
handling of 0 0 obj or 0 0 R as a special case. Creating an object in
the file with 0 0 obj could cause various infinite loops. The PDF spec
doesn't allow for object 0. Having qpdf handle object 0 might be a
better fix, but changing all the places in the code that assume objid
== 0 means direct would be risky.

Diffstat (limited to 'qtest/QTC')
0 files changed, 0 insertions, 0 deletions
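
A pre-parse screen for the condition the commit message describes, as an added example (not qpdf's code and not the fix itself): it flags indirect object definitions and references in raw PDF bytes whose object ID is 0. The function name, the regexes and the sample bytes are constructed here; the scan treats any generation number paired with object ID 0 as a hit, and it is a heuristic that cannot see objects stored inside compressed object streams.

```python
import re

WS = rb"[\x00\t\n\x0c\r ]+"  # PDF whitespace characters

# "N G obj" / "N G R" where N is zero (leading zeros allowed, e.g. "00 0 obj").
# The lookarounds stop matches inside larger tokens such as "10 0 R" or the
# content-stream operator "RG".
ZERO_ID = re.compile(
    rb"(?<![0-9+\-.])(0+)" + WS + rb"([0-9]+)" + WS + rb"(obj|R)(?![A-Za-z0-9])"
)
# Stream bodies; the lookbehind keeps "endstream" from starting a match.
STREAM = re.compile(rb"(?<![a-z])stream\r?\n.*?endstream", re.DOTALL)


def find_object_zero(data: bytes) -> list[tuple[int, str]]:
    """Return (offset, kind) for each definition or reference using object ID 0."""
    # Blank out stream bodies with same-length padding so offsets stay valid
    # and binary or content-stream data does not produce hits.
    masked = STREAM.sub(lambda m: b" " * len(m.group(0)), data)
    hits = []
    for m in ZERO_ID.finditer(masked):
        kind = "definition" if m.group(3) == b"obj" else "reference"
        hits.append((m.start(), kind))
    return hits


# Constructed samples (not real files): a well-formed fragment whose stream
# body and xref section contain look-alike text, and a fragment that defines
# and references object 0.
BENIGN = (
    b"%PDF-1.3\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
    b"4 0 obj\n<< /Length 18 >>\nstream\n0 0 0 RG 0 0 R x\nendstream\nendobj\n"
    b"xref\n0 5\n0000000000 65535 f \n"
)
SUSPECT = b"%PDF-1.3\n0 0 obj\n<< /Type /Catalog /Pages 0 0 R >>\nendobj\n"

if __name__ == "__main__":
    for name, sample in (("BENIGN", BENIGN), ("SUSPECT", SUSPECT)):
        print(name, find_object_zero(sample))
```

A hit is a reason to quarantine the file or to process it only with a qpdf build that contains this commit, not proof of malicious intent.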