OpenSystemsDevelopment / qpdf

Refactor xref reconstruction

Avoid unnecessary rescanning of lines and repositioning of input file.
Limit max size of tokens.

Adjust qpdf_fuzzer warnings limit

Mark intentional unsigned integer wrapping in MD5_native::transform and adjust fuzzer memory limits

Wrap-around is intentional and generates false positives

Update TODO.md

Also, remove closed fuzz cases.

In FUTURE make various QPDFObjectHandle methods const

Adjust fuzzer warning and memory limits

Fix QPDFOutlineDocumentHelper::resolveNamedDest  (fixes #1238)

Throw damagedFile if max_warnings is exceeded. Change qpdf_fuzzer warnings limit to
limit to 500.

Tighten page tree checks

Add further sanity checks to QPDF::reconstruct_xref

Handle case where named destination is a dictionary with /D entry.

Test case is hand-edited outlines-with-old-root-dests.pdf with modified
object 107.

Run getAllPages as sanity check and throw an exception if too many
warnings are generated or no pages are found.

Add further sanity check to QPDF::reconstruct_xref

Try a  limit of 50MB. For very large limits processing time before
damage is encountered may exceed oss-fuzz limits.
Add further test cases.

If reconstruct_xref generates more than 1000 warnings give up because the
file is so severely damaged that there is very little point continuing.

Add extra sanity check on pages tree

Reject non-dictionary Page and Pages objects.

Also add additional qpdf_fuzzer test cases.

Add additional xref reconstruction sanity checks and fuzz test cases

If throw_on_corrupt is set, use a custom implementation of libjeg's
emit_message procedure to throw an exception when the first corrupt data
warning is encountered.

Add test case for oss-fuzz 15471 and 69977a

Check that xref table is not empty after recovery. Empty xref tables
disable other sanity checks.

Fix Pl_DCT memory limit

Add qpdf_fuzzer test case