diff options
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | fuzz/qpdf_extra/30507.fuzz | bin | 0 -> 9548 bytes | |||
-rw-r--r-- | libqpdf/QPDFOutlineDocumentHelper.cc | 7 |
3 files changed, 10 insertions, 0 deletions
@@ -1,5 +1,8 @@ 2021-02-10 Jay Berkenbilt <ejb@ql.org> + * Detect loops when adding when reading outlines dictionary upon + initialization of QPDFOutlineDocumentHelper (fuzz issue 30507). + * Add "attachments" as an additional json key, and add some information about attachments to the json output. diff --git a/fuzz/qpdf_extra/30507.fuzz b/fuzz/qpdf_extra/30507.fuzz Binary files differnew file mode 100644 index 00000000..e8c28d04 --- /dev/null +++ b/fuzz/qpdf_extra/30507.fuzz diff --git a/libqpdf/QPDFOutlineDocumentHelper.cc b/libqpdf/QPDFOutlineDocumentHelper.cc index 85aff76b..b5b82a29 100644 --- a/libqpdf/QPDFOutlineDocumentHelper.cc +++ b/libqpdf/QPDFOutlineDocumentHelper.cc @@ -24,8 +24,15 @@ QPDFOutlineDocumentHelper::QPDFOutlineDocumentHelper(QPDF& qpdf) : return; } QPDFObjectHandle cur = outlines.getKey("/First"); + std::set<QPDFObjGen> seen; while (! cur.isNull()) { + auto og = cur.getObjGen(); + if (seen.count(og)) + { + break; + } + seen.insert(og); this->m->outlines.push_back( QPDFOutlineObjectHelper::Accessor::create(cur, *this, 1)); cur = cur.getKey("/Next"); |