Commit 3e74916c5a658d310c37b7dd73b0305c0d1e8ff9
1 parent
f78ea057
Fix seg fault on empty xref stream (fixes #263)
Thanks to @p-cher for supplying a patch.
Showing
4 changed files
with
49 additions
and
1 deletions
libqpdf/QPDF.cc
| ... | ... | @@ -1228,7 +1228,11 @@ QPDF::getObjectCount() |
| 1228 | 1228 | { |
| 1229 | 1229 | o1 = (*(this->m->obj_cache.rbegin())).first; |
| 1230 | 1230 | } |
| 1231 | - QPDFObjGen o2 = (*(this->m->xref_table.rbegin())).first; | |
| 1231 | + QPDFObjGen o2(0, 0); | |
| 1232 | + if (! this->m->xref_table.empty()) | |
| 1233 | + { | |
| 1234 | + o2 = (*(this->m->xref_table.rbegin())).first; | |
| 1235 | + } | |
| 1232 | 1236 | QTC::TC("qpdf", "QPDF indirect last obj from xref", |
| 1233 | 1237 | (o2.getObj() > o1.getObj()) ? 1 : 0); |
| 1234 | 1238 | return std::max(o1.getObj(), o2.getObj()); | ... | ... |
qpdf/qtest/qpdf.test
| ... | ... | @@ -450,6 +450,7 @@ my @bug_tests = ( |
| 450 | 450 | ["149", "xref prev pointer loop", 3], |
| 451 | 451 | ["150", "integer overflow", 2], |
| 452 | 452 | ["202", "even more deeply nested dictionary", 2], |
| 453 | + ["263", "empty xref stream", 3], | |
| 453 | 454 | ); |
| 454 | 455 | $n_tests += scalar(@bug_tests); |
| 455 | 456 | foreach my $d (@bug_tests) | ... | ... |
qpdf/qtest/qpdf/issue-263.out
0 → 100644
| 1 | +WARNING: issue-263.pdf: can't find PDF header | |
| 2 | +WARNING: issue-263.pdf: file is damaged | |
| 3 | +WARNING: issue-263.pdf: can't find startxref | |
| 4 | +WARNING: issue-263.pdf: Attempting to reconstruct cross-reference table | |
| 5 | +WARNING: issue-263.pdf (trailer, offset 66): unknown token while reading object; treating as string | |
| 6 | +WARNING: issue-263.pdf (trailer, offset 75): unknown token while reading object; treating as string | |
| 7 | +WARNING: issue-263.pdf (trailer, offset 79): unknown token while reading object; treating as string | |
| 8 | +WARNING: issue-263.pdf (trailer, offset 82): unexpected ) | |
| 9 | +WARNING: issue-263.pdf (trailer, offset 83): unknown token while reading object; treating as string | |
| 10 | +WARNING: issue-263.pdf (trailer, offset 87): unexpected > | |
| 11 | +WARNING: issue-263.pdf (trailer, offset 89): unexpected dictionary close token | |
| 12 | +WARNING: issue-263.pdf (trailer, offset 92): unexpected > | |
| 13 | +WARNING: issue-263.pdf (trailer, offset 40): expected dictionary key but found non-name object; inserting key /QPDFFake1 | |
| 14 | +WARNING: issue-263.pdf (trailer, offset 40): expected dictionary key but found non-name object; inserting key /QPDFFake2 | |
| 15 | +WARNING: issue-263.pdf (trailer, offset 40): expected dictionary key but found non-name object; inserting key /QPDFFake3 | |
| 16 | +WARNING: issue-263.pdf (trailer, offset 40): expected dictionary key but found non-name object; inserting key /QPDFFake4 | |
| 17 | +WARNING: issue-263.pdf (trailer, offset 40): expected dictionary key but found non-name object; inserting key /QPDFFake5 | |
| 18 | +WARNING: issue-263.pdf (trailer, offset 40): expected dictionary key but found non-name object; inserting key /QPDFFake6 | |
| 19 | +WARNING: issue-263.pdf (trailer, offset 40): expected dictionary key but found non-name object; inserting key /QPDFFake7 | |
| 20 | +WARNING: issue-263.pdf (trailer, offset 98): unknown token while reading object; treating as string | |
| 21 | +WARNING: issue-263.pdf (trailer, offset 103): unexpected ) | |
| 22 | +WARNING: issue-263.pdf (trailer, offset 107): unknown token while reading object; treating as string | |
| 23 | +WARNING: issue-263.pdf (trailer, offset 119): expected dictionary key but found non-name object; inserting key /QPDFFake1 | |
| 24 | +WARNING: issue-263.pdf (trailer, offset 163): unknown token while reading object; treating as string | |
| 25 | +WARNING: issue-263.pdf (trailer, offset 173): unknown token while reading object; treating as string | |
| 26 | +WARNING: issue-263.pdf (trailer, offset 113): expected dictionary key but found non-name object; inserting key /QPDFFake1 | |
| 27 | +WARNING: issue-263.pdf (trailer, offset 113): expected dictionary key but found non-name object; inserting key /QPDFFake2 | |
| 28 | +WARNING: issue-263.pdf (trailer, offset 113): dictionary ended prematurely; using null as value for last key | |
| 29 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake1 | |
| 30 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake2 | |
| 31 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake3 | |
| 32 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake4 | |
| 33 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake5 | |
| 34 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake6 | |
| 35 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake7 | |
| 36 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake8 | |
| 37 | +WARNING: issue-263.pdf (trailer, offset 18): expected dictionary key but found non-name object; inserting key /QPDFFake9 | |
| 38 | +qpdf: operation succeeded with warnings; resulting file may have some problems | ... | ... |
qpdf/qtest/qpdf/issue-263.pdf
0 → 100644
| 1 | +%PDFn | |
| 2 | +trailer | |
| 3 | +<</S10/Prev 5137/Root <<5 0 R/In-2476-247682085 0 R82085 0 Rfo R/I)D[<>>7>>8>]>> | |
| 4 | +sbj 5) 0 obj <</Des<</4/Prtor 12>>/Filter/Flatode/ID[<07>]/Inf 0 R/Len50/R R/Size >>-247682085 -247682085 >>-247682085 0 R-247682085 -247682085 0 R26/Type/XRef/W[1 2 9]>>stream | |
| 5 | +h | |
| 0 | 6 | \ No newline at end of file | ... | ... |