diff options
Diffstat (limited to 'libqpdf')
-rw-r--r-- | libqpdf/QPDF.cc | 8 | ||||
-rw-r--r-- | libqpdf/QPDFObjectHandle.cc | 10 |
2 files changed, 18 insertions, 0 deletions
diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc index a50c87ad..846f188f 100644 --- a/libqpdf/QPDF.cc +++ b/libqpdf/QPDF.cc @@ -1350,6 +1350,14 @@ QPDF::readObjectAtOffset(bool try_recovery, objid = atoi(tobjid.getValue().c_str()); generation = atoi(tgen.getValue().c_str()); + if (objid == 0) + { + QTC::TC("qpdf", "QPDF object id 0"); + throw QPDFExc(qpdf_e_damaged_pdf, this->file->getName(), + this->last_object_description, offset, + "object with ID 0"); + } + if ((exp_objid >= 0) && (! ((objid == exp_objid) && (generation == exp_generation)))) { diff --git a/libqpdf/QPDFObjectHandle.cc b/libqpdf/QPDFObjectHandle.cc index 687ba439..cd3084cb 100644 --- a/libqpdf/QPDFObjectHandle.cc +++ b/libqpdf/QPDFObjectHandle.cc @@ -1089,6 +1089,16 @@ QPDFObjectHandle::parseInternal(PointerHolder<InputSource> input, QPDFObjectHandle QPDFObjectHandle::newIndirect(QPDF* qpdf, int objid, int generation) { + if (objid == 0) + { + // Special case: QPDF uses objid 0 as a sentinel for direct + // objects, and the PDF specification doesn't allow for object + // 0. Treat indirect references to object 0 as null so that we + // never create an indirect object with objid 0. + QTC::TC("qpdf", "QPDFObjectHandle indirect with 0 objid"); + return newNull(); + } + return QPDFObjectHandle(qpdf, objid, generation); } |