Handle invalid encryption Length (fixes #333)

Jay Berkenbilt
1 parent 551dfbf6
Showing 6 changed files with 102 additions and 14 deletions
ChangeLog
libqpdf/QPDF_encryption.cc
manual/qpdf-manual.xml
qpdf/qtest/qpdf.test
qpdf/qtest/qpdf/bad-encryption-length.out
qpdf/qtest/qpdf/bad-encryption-length.pdf
 2019-06-22  Jay Berkenbilt  <ejb@ql.org>
+	* Handle encrypted files with missing or invalid /Length entries
+	in the encryption dictionary.
+
 	* QPDFWriter: allow calling set*EncryptionParameters before
 	calling setFilename. Fixes #336.
@@ -935,22 +935,38 @@ QPDF::initializeEncryption()
         pad_short_parameter(Perms, Perms_key_bytes_V5);
     }
-    int Length = 40;
-    if (encryption_dict.getKey("/Length").isInteger())
+    int Length = 0;
+    if (V <= 1)
     {
-	Length = encryption_dict.getKey("/Length").getIntValueAsInt();
-        if (R < 3)
+        Length = 40;
+    }
+    else if (V == 4)
+    {
+        Length = 128;
+    }
+    else if (V == 5)
+    {
+        Length = 256;
+    }
+    else
+    {
+        if (encryption_dict.getKey("/Length").isInteger())
+        {
+            Length = encryption_dict.getKey("/Length").getIntValueAsInt();
+            if ((Length % 8) || (Length < 40) || (Length > 128))
+            {
+                Length = 0;
+            }
+        }
+        if (Length == 0)
         {
-            // Force Length to 40 regardless of what the file says.
-            Length = 40;
+            Length = 128;
         }
-	if ((Length % 8) || (Length < 40) || (Length > 256))
-	{
-	    throw QPDFExc(qpdf_e_damaged_pdf, this->m->file->getName(),
-			  "encryption dictionary",
-                          this->m->file->getLastOffset(),
-			  "invalid /Length value in encryption dictionary");
-	}
+    }
+    if (Length == 0)
+    {
+        // Still no Length? Just take a guess.
+        Length = 128;
     }
     this->m->encp->encrypt_metadata = true;
@@ -4353,6 +4353,14 @@ print &quot;\n&quot;;
           segmentation fault.
          </para>
         </listitem>
+        <listitem>
+         <para>
+          When reading encrypted files, follow the spec more closely
+          regarding encryption key length. This allows qpdf to open
+          encrypted files in most cases when they have invalid or
+          missing /Length keys in the encryption dictionary.
+         </para>
+        </listitem>
        </itemizedlist>
       </listitem>
       <listitem>
@@ -3523,7 +3523,7 @@ foreach my $d (@enc_key)
 }
 # Miscellaneous encryption tests
-$n_tests += 2;
+$n_tests += 3;
 $td->runtest("set encryption before set filename",
              {$td->COMMAND => "test_driver 63 minimal.pdf"},
@@ -3534,6 +3534,11 @@ $td-&gt;runtest(&quot;check file&#39;s validity&quot;,
              {$td->FILE => "encrypt-before-filename.out",
                   $td->EXIT_STATUS => 0},
              $td->NORMALIZE_NEWLINES);
+$td->runtest("handle missing/invalid Length",
+             {$td->COMMAND => "qpdf --check bad-encryption-length.pdf"},
+             {$td->FILE => "bad-encryption-length.out",
+                  $td->EXIT_STATUS => 0},
+             $td->NORMALIZE_NEWLINES);
 show_ntests();
 # ----------
+checking bad-encryption-length.pdf
+PDF Version: 1.4
+R = 3
+P = -4
+User password = 
+extract for accessibility: allowed
+extract for any purpose: allowed
+print low resolution: allowed
+print high resolution: allowed
+modify document assembly: allowed
+modify forms: allowed
+modify annotations: allowed
+modify other: allowed
+modify anything: allowed
+File is not linearized
+No syntax or stream encoding errors found; the file may still contain
+errors that qpdf cannot detect