dany/pdfio
1
0
Fork 0
mirror of https://github.com/michaelrsweet/pdfio.git synced 2025-08-29 15:22:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix denial-of-service attack when reading corrupt PDF files.

Browse Source
This commit is contained in:
Michael R Sweet
2023-02-03 20:39:04 -05:00
parent 57d5894f33
commit 4f10021e7e
9 changed files with 43 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pdfio-common.c
View File

@@ -1,7 +1,7 @@
//
// Common support functions for pdfio.
//
// Copyright © 2021 by Michael R Sweet.
// Copyright © 2021-2023 by Michael R Sweet.
//
// Licensed under Apache License v2.0. See the file "LICENSE" for more
// information.
@@ -38,6 +38,8 @@ _pdfioFileConsume(pdfio_file_t *pdf, // I - PDF file
else if (_pdfioFileSeek(pdf, (off_t)bytes, SEEK_CUR) < 0)
return (false);
PDFIO_DEBUG("_pdfioFileConsume: pos=%ld\n", (long)(pdf->bufpos + pdf->bufptr - pdf->buffer));
return (true);
}
@@ -525,7 +527,7 @@ read_buffer(pdfio_file_t *pdf, // I - PDF file
return (rbytes);
}
//
// 'write_buffer()' - Write a buffer to a PDF file.
//