Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-02-19 | More robust handling of type errors | Jay Berkenbilt | |
Give objects descriptions and context so it is possible to issue warnings instead of fatal errors for attempts to access objects of the wrong type. | |||
2018-02-19 | Include omitted object description in error message | Jay Berkenbilt | |
2018-02-19 | Include filename in object stream parse error | Jay Berkenbilt | |
2018-02-05 | Prepare 7.1.1 releaserelease-qpdf-7.1.1 | Jay Berkenbilt | |
2018-02-04 | Fix offset in error message | Jay Berkenbilt | |
2018-01-15 | Update version numbers for 7.1.0release-qpdf-7.1.0 | Jay Berkenbilt | |
2018-01-14 | Allow raw encryption key to be specified | Jay Berkenbilt | |
Add options to enable the raw encryption key to be directly shown or specified. Thanks to Didier Stevens <didier.stevens@gmail.com> for the idea and contribution of one implementation of this idea. | |||
2017-12-25 | Correct errors in PNG filters and make use from library | Jay Berkenbilt | |
2017-09-16 | Prepare 7.0.0 releaserelease-qpdf-7.0.0 | Jay Berkenbilt | |
2017-09-12 | Improve message for stream decoding error | Jay Berkenbilt | |
Tweak the message so that we inform the user that we are mitigating data loss. | |||
2017-08-29 | Replace all atoi calls with QUtil::string_to_int | Jay Berkenbilt | |
The latter catches underflow/overflow. | |||
2017-08-26 | Detect xref pointer infinite loop (fixes #149) | Jay Berkenbilt | |
2017-08-22 | Bump soname to 18 and version to 7.0.b1release-qpdf-7.0.b1 | Jay Berkenbilt | |
2017-08-22 | Limit token length during xref recovery | Jay Berkenbilt | |
While scanning the file looking for objects, limit the length of tokens we allow. This prevents us from getting caught up in reading a file character by character while digging through large streams. | |||
2017-08-22 | Fix logic error in recovery | Jay Berkenbilt | |
A stray semicolon caused a condition to be incorrectly applied during stream length recovery. | |||
2017-08-22 | Push QPDF member variables into a nested class | Jay Berkenbilt | |
Pushing member variables into a nested class enables addition of new member variables without breaking binary compatibility. | |||
2017-08-21 | Enable finer grained control of stream decoding | Jay Berkenbilt | |
This commit adds several API methods that enable control over which types of filters QPDF will attempt to decode. It also adds support for /RunLengthDecode and /DCTDecode filters for both encoding and decoding. | |||
2017-08-12 | Prevent a division by zero error (fixes #141) | Jay Berkenbilt | |
Bad /W in an xref stream could cause a division by zero error. Now this is handled as a special case. | |||
2017-08-11 | Read xref table without PCRE | Jay Berkenbilt | |
Also accept more errors than before. | |||
2017-08-11 | Reconstruct xref without PCRE | Jay Berkenbilt | |
2017-08-11 | Improve stream length recovery | Jay Berkenbilt | |
Eliminate PCRE and find endobj not preceded by endstream. Be more lax about placement of endstream and endobj. | |||
2017-08-11 | Find xref without PCRE | Jay Berkenbilt | |
2017-08-11 | Find starxref without PCRE | Jay Berkenbilt | |
2017-08-11 | Find header without PCRE | Jay Berkenbilt | |
2017-08-11 | Allow QPDFTokenizer::readToken to return bad tokens | Jay Berkenbilt | |
Sometimes we want to ignore bad tokens rather than having them throw an exception. A coverage case is commented out here and added in a later commit. | |||
2017-07-30 | Catch more exceptions while resolving objects | Jay Berkenbilt | |
2017-07-30 | When recover stream length, indicate the length (fixes #44) | Jay Berkenbilt | |
2017-07-29 | Handle zlib data errors better (fixes #106) | Jay Berkenbilt | |
2017-07-29 | Better recovery of bad stream start (fixes #104) | Jay Berkenbilt | |
2017-07-29 | Use 1.2 as the version if we can't read it from the header | Jay Berkenbilt | |
The code was using 1.0, but we use /FlateDecode, which didn't appear until 1.2. | |||
2017-07-29 | Add option to preserve unreferenced objects | Jay Berkenbilt | |
2017-07-29 | Explicitly check root dictionary type | Jay Berkenbilt | |
Very badly corrupted files may not have a retrievable root dictionary. Handle that as a special case so that a more helpful error message can be provided. | |||
2017-07-28 | Add precheck streams capability | Jay Berkenbilt | |
When requested, QPDFWriter will do more aggress prechecking of streams to make sure it can actually succeed in decoding them before attempting to do so. This will allow preservation of raw data even when the raw data is corrupted relative to the specified filters. | |||
2017-07-28 | Convert many more errors to warnings | Jay Berkenbilt | |
2017-07-28 | Convert object parsing errors to warnings | Jay Berkenbilt | |
QPDFObjectHandle::parseInternal now issues warnings instead of throwing exceptions for all error conditions that it finds (except internal logic errors) and has stronger recovery for things like invalid tokens and malformed dictionaries. This should improve qpdf's ability to recover from a wide range of broken files that currently cause it to fail. | |||
2017-07-26 | Detect recursion loops resolving objects (fixes #51) | Jay Berkenbilt | |
During parsing of an object, sometimes parts of the object have to be resolved. An example is stream lengths. If such an object directly or indirectly points to the object being parsed, it can cause an infinite loop. Guard against all cases of re-entrant resolution of objects. | |||
2017-07-26 | Handle object ID 0 (fixes #99) | Jay Berkenbilt | |
This is CVE-2017-9208. The QPDF library uses object ID 0 internally as a sentinel to represent a direct object, but prior to this fix, was not blocking handling of 0 0 obj or 0 0 R as a special case. Creating an object in the file with 0 0 obj could cause various infinite loops. The PDF spec doesn't allow for object 0. Having qpdf handle object 0 might be a better fix, but changing all the places in the code that assumes objid == 0 means direct would be risky. | |||
2017-07-26 | Avoid xref reconstruction infinite loop (fixes #100) | Jay Berkenbilt | |
This is CVE-2017-9209. | |||
2015-11-10 | Prepare 6.0.0 releaserelease-qpdf-6.0.0 | Jay Berkenbilt | |
2015-11-01 | Prepare 5.2.0 releaserelease-qpdf-5.2.0 | Jay Berkenbilt | |
2015-10-31 | Tolerate some mangled xref tables | Jay Berkenbilt | |
If xref table entries lack the spec-required trailing whitespace or contain a small amount of extra space, handle them anyway. | |||
2015-10-31 | Remove trailing whitespace | Jay Berkenbilt | |
2015-05-24 | Prepare 5.1.3 releaserelease-qpdf-5.1.3 | Jay Berkenbilt | |
2014-06-07 | Prepare 5.1.2 releaserelease-qpdf-5.1.2 | Jay Berkenbilt | |
2014-01-14 | Prepare 5.1.1 releaserelease-qpdf-5.1.1 | Jay Berkenbilt | |
2013-12-26 | Avoid traversing same object twice when copying objects | Jay Berkenbilt | |
This is a performance fix. The output is unchanged. Fixes #28. | |||
2013-12-17 | Prepare 5.1.0 releaserelease-qpdf-5.1.0 | Jay Berkenbilt | |
2013-12-14 | Allow arbitrary whitespace, not just newline, after xref | Jay Berkenbilt | |
Fixes #27. | |||
2013-11-29 | Include <algorithm> for std::min, std::max | Jay Berkenbilt | |
2013-10-18 | Prepare for 5.0.1 releaserelease-qpdf-5.0.1 | Jay Berkenbilt | |