diff --git a/fuzz/CMakeLists.txt b/fuzz/CMakeLists.txt
index 38b55c6..87c0c54 100644
--- a/fuzz/CMakeLists.txt
+++ b/fuzz/CMakeLists.txt
@@ -158,6 +158,7 @@ set(CORPUS_OTHER
 398060137.fuzz
 409905355.fuzz
 411312393.fuzz
+ 433311400.fuzz
 5109284021272576.fuzz
 )
diff --git a/fuzz/qpdf_extra/433311400.fuzz b/fuzz/qpdf_extra/433311400.fuzz
new file mode 100644
index 0000000..ea84c27
--- /dev/null
+++ b/fuzz/qpdf_extra/433311400.fuzz
diff --git a/fuzz/qtest/fuzz.test b/fuzz/qtest/fuzz.test
index 8d1f863..530c935 100644
--- a/fuzz/qtest/fuzz.test
+++ b/fuzz/qtest/fuzz.test
@@ -11,7 +11,7 @@ my $td = new TestDriver('fuzz');
 my $qpdf_corpus = $ENV{'QPDF_FUZZ_CORPUS'} || die "must set QPDF_FUZZ_CORPUS";
-my $n_qpdf_files = 96; # increment when adding new files
+my $n_qpdf_files = 97; # increment when adding new files
 my @fuzzers = (
 ['ascii85' => 1],
diff --git a/libqpdf/QPDFFormFieldObjectHelper.cc b/libqpdf/QPDFFormFieldObjectHelper.cc
index 91c3a65..f806888 100644
--- a/libqpdf/QPDFFormFieldObjectHelper.cc
+++ b/libqpdf/QPDFFormFieldObjectHelper.cc
@@ -773,6 +773,12 @@ QPDFFormFieldObjectHelper::generateTextAppearance(QPDFAnnotationObjectHelper& ao
 aoh.getObjectHandle().warnIfPossible("unable to get normal appearance stream for update");
 return;
 }
+
+ if (AS.getObj().use_count() > 4) {
+ aoh.getObjectHandle().warnIfPossible(
+ "unable to generate text appearance from shared appearance stream for update");
+ return;
+ }
 QPDFObjectHandle bbox_obj = AS.getDict().getKey("/BBox");
 if (!bbox_obj.isRectangle()) {
 aoh.getObjectHandle().warnIfPossible("unable to get appearance stream bounding box");
@@ -831,7 +837,6 @@ QPDFFormFieldObjectHelper::generateTextAppearance(QPDFAnnotationObjectHelper& ao
 for (size_t i = 0; i < opt.size(); ++i) {
 opt.at(i) = (*encoder)(opt.at(i), '?');
 }
-
 AS.addTokenFilter(
 std::shared_ptr(new ValueSetter(DA, V, opt, tf, bbox)));
 }
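Review bot: The new guard `AS.getObj().use_count() > 4` in generateTextAppearance hard-codes a reference count without saying which four holders are expected. Any later change that adds or drops a temporary handle copy on this path could silently turn the check into a no-op or into a false rejection of unshared streams. Since this looks like the fix for the fuzz input added in the same commit (433311400.fuzz), a threshold that drifts would quietly reopen the issue. I would name the constant and document the accounting, e.g. `constexpr long expected_refs = 4; // <list the holders counted at this point>` and `if (AS.getObj().use_count() > expected_refs) {`, also noting that `use_count()` is only approximate if other threads can hold copies. The function body starts and ends outside this hunk, so the holders alive at this point could not be confirmed from the diff.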