Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-02-06 | Remove erroneous handling of /EFF for stream decryption | Jay Berkenbilt | |
I thought /EFF was supposed to be used as a default for decrypting embedded file streams, but actually it's supposed to be advice to a conforming writer about handling new ones. This makes sense since the findAttachmentStreams code, which is not actually needed, was never right. | |||
2021-02-06 | Make wrong object stream type a warning | Jay Berkenbilt | |
2021-01-26 | NNTree: rework iterators to be more memory efficient | Jay Berkenbilt | |
Keep a std::pair internal to the iterators so that operator* can return a reference and operator-> can work, and each can work without copying pairs of objects around. | |||
2021-01-24 | Use new QPDF{Name,Number}TreeObjectHelper API | Jay Berkenbilt | |
2021-01-24 | Use QPDFNameTreeObjectHelper's iterator directly | Jay Berkenbilt | |
2021-01-11 | Treat /EmbeddedFiles as a proper name tree | Jay Berkenbilt | |
If we ever had an encrypted file with different filters for attachments and either the /EmbeddedFiles name tree was deep or some of the file specs didn't have /Type, we would have overlooked those as attachment streams. The code now properly handles /EmbeddedFiles as a name tree. | |||
2021-01-06 | Warn rather than segv on access after closing input source (fixes #495) | Jay Berkenbilt | |
2021-01-04 | Prepare version 10.1.0release-qpdf-10.1.0 | Jay Berkenbilt | |
2020-12-28 | Implement user-provided stream filters | Jay Berkenbilt | |
Refactor QPDF_Stream to use stream filter classes to handle supported stream filters as well. | |||
2020-11-21 | Prepare 10.0.4 releaserelease-qpdf-10.0.4 | Jay Berkenbilt | |
2020-11-04 | Ignore unused field in xref entry, avoiding range error (fixes #482) | Jay Berkenbilt | |
2020-10-31 | Prepare 10.0.3 releaserelease-qpdf-10.0.3 | Jay Berkenbilt | |
2020-10-31 | Add comments explaining the foreign object copying code | Jay Berkenbilt | |
These are the comments I would have liked to have been able to read while fixing #449 and #478. | |||
2020-10-31 | Fix foreign stream copying bug (fixes #478) | Jay Berkenbilt | |
This reverts an incorrect fix to #449 and codes it properly. The real problem was that we were looking at the local dictionaries rather than the foreign dictionaries when saving the foreign stream data. In the case of direct objects, these happened to be the same, but in the case of indirect objects, the object references could be pointing anywhere since object numbers don't match up between the old and new files. | |||
2020-10-27 | Prepare 10.0.2 releaserelease-qpdf-10.0.2 | Jay Berkenbilt | |
2020-10-27 | Revert removal of unreadCh change for performance | Jay Berkenbilt | |
Turns out unreadCh is much more efficient than seek(-1, SEEK_CUR). Update comments and code to reflect this. | |||
2020-10-22 | Avoid leak by resolving object streams more than once (fuzz issue 23642) | Jay Berkenbilt | |
2020-10-22 | Minor code cleanup | Jay Berkenbilt | |
* Return rather than exiting from realmain in qpdf.cc * Remove extraneous blank line * Don't assign temporary to const reference | |||
2020-10-22 | Obscure bug fix copying foreign streams in special cases (fixes #449) | Jay Berkenbilt | |
Specifically, if a stream had its stream data replaced and had indirect /Filter or /DecodeParms, it would result in non-silent loss of data and/or internal error. | |||
2020-10-21 | Protect numeric conversion against user's locale (fixes #459) | Jay Berkenbilt | |
2020-10-18 | Stop using InputSource::unreadCh | Jay Berkenbilt | |
2020-10-17 | Check integer overflow in resolveObjectsInStream | Dean Scarff | |
Fixes a crash found by fuzzing. | |||
2020-04-09 | Prepare 10.0.1 releaserelease-qpdf-10.0.1 | Jay Berkenbilt | |
2020-04-06 | Prepare 10.0.0 release | Jay Berkenbilt | |
2020-04-06 | Allow propagation of errors and retry through StreamDataProvider | Jay Berkenbilt | |
StreamDataProvider::provideStreamData now has a rich enough API for it to effectively proxy to pipeStreamData. | |||
2020-04-04 | Use deterministic assignments for unique_id | Dean Scarff | |
Fixes qpdf/qpdf#419 | |||
2020-01-27 | Prepare 9.1.1 releaserelease-qpdf-9.1.1 | Jay Berkenbilt | |
2019-11-17 | Prepare 9.1.0 releaserelease-qpdf-9.1.0 | Jay Berkenbilt | |
2019-11-10 | Prepare 9.1.rc1 release | Jay Berkenbilt | |
2019-11-04 | Fix two additional fuzz test cases | Jay Berkenbilt | |
2019-10-22 | Add QPDF::getXRefTable() | Masamichi Hosoda | |
2019-10-22 | Exclude signature dictionary from compressible objects | Masamichi Hosoda | |
It seems better not to compress signature dictionaries. Various PDF digital signing tools, including Adobe Acrobat Reader DC, do not compress signature dictionaries. Table 8.93 "Entries in a signature dictionary" in PDF 1.5 reference describes that /ByteRange in the signature dictionary shall be used to describe a digest that does not include the signature value (/Contents) itself. The byte ranges cannot be determined if the dictionary is compressed. | |||
2019-10-13 | Prepare 9.0.2 releaserelease-qpdf-9.0.2 | Jay Berkenbilt | |
2019-09-20 | Prepare 9.0.1 release | Jay Berkenbilt | |
2019-09-18 | Fix fuzz issue 16953 (overflow checking in xref stream index) | Jay Berkenbilt | |
2019-09-01 | Prepare 9.0.0 releaserelease-qpdf-9.0.0 | Jay Berkenbilt | |
2019-08-31 | Add methods QPDF::anyWarnings and QPDF::closeInputSource | Jay Berkenbilt | |
2019-08-28 | Fix fuzz issues 15316 and 15390 | Jay Berkenbilt | |
2019-08-27 | Seek in two stages to avoid overflow | Jay Berkenbilt | |
When seeing to a position based on a value read from the input, we are prone to integer overflow (fuzz issue 15442). Seek in two stages to move the overflow check into the input source code. | |||
2019-08-27 | Fix fuzz issue 15387 (overflow checking xref size) | Jay Berkenbilt | |
2019-08-24 | Track separately whether password was user/owner (fixes #159) | Jay Berkenbilt | |
2019-08-22 | Protect against coding error of re-entrant parsing | Jay Berkenbilt | |
2019-08-20 | Accept extraneous space before xref (fixes #341) | Jay Berkenbilt | |
2019-08-20 | Accept extraneous space after stream keyword (fixes #329) | Jay Berkenbilt | |
2019-08-20 | Handle invalid name tokens symmetrically for PDF < 1.2 (fixes #332) | Jay Berkenbilt | |
2019-08-18 | Improve efficiency of fixDanglingReferences | Jay Berkenbilt | |
2019-06-22 | Remove QPDF::copyForeignObject with unused parameter | Jay Berkenbilt | |
2019-06-21 | Fix sign and conversion warnings (major) | Jay Berkenbilt | |
This makes all integer type conversions that have potential data loss explicit with calls that do range checks and raise an exception. After this commit, qpdf builds with no warnings when -Wsign-conversion -Wconversion is used with gcc or clang or when -W3 -Wd4800 is used with MSVC. This significantly reduces the likelihood of potential crashes from bogus integer values. There are some parts of the code that take int when they should take size_t or an offset. Such places would make qpdf not support files with more than 2^31 of something that usually wouldn't be so large. In the event that such a file shows up and is valid, at least qpdf would raise an error in the right spot so the issue could be legitimately addressed rather than failing in some weird way because of a silent overflow condition. | |||
2019-06-15 | Eliminate one potential integer overflow | Jay Berkenbilt | |
There are more to handle, but this resolves an issue already caught by oss-fuzz. | |||
2019-05-18 | Prepare 8.4.2 release | Jay Berkenbilt | |