OpenSystemsDevelopment / qpdf

Alternative clean dct fuzz changes

Previous test case was lost in #1221. Test file was created from
object-stream.pdf by adding a reference to itself into object stream 1 0.

As a rule, we should avoid conditional compilation is it always causes
code paths that are sometimes not even seen lexically by the compiler.
Also, we want the actual code being fuzzed to be as close as possible
to the real code. Conditional compilation is suitable to handle
underlying system differences.

Instead, favor configuration using callbacks or other methods that can
be triggered in the places where they need to be exercised.

Add further sanity and loop detection checks

Invalid entries are created when objects in the stream do not have
an existing xref entry.

Ensure objects with impossibly large ids are ignored.

Add extra fuzz test case and amend memory limit for Pl_DCT.

Refine #1225

In QPDFOutlineObjectHelper detect loops in direct children

Also, add diagnostic messages in qpdf_fuzzer and additional fuzz test case.

Limit memory used for JPEG decompression during fuzzing

Fix #1170

In PL_DCT add option to limit the size of uncompressed corrupt data

In QPDF::read_xrefEntry add buffer overflow test for first eol character.
Overlong f1 or f2 entries consisting only of zeros could cause a buffer
overflow.

Add fuzz testcase 69913.

Refine handling of severely damaged files

Also, apply limit in dct_fuzzer

Also add new fuzz test case.

Amend fuzz future

Refactor QPDF::parse_xrefEntry

QPDF::processXRefStream

Update README-maintainer with wip / modernize qpdf

Fuzz future

A file that has Widget annotations that can't be mapped back to form
fields would crash qpdf json.

Standardize on "qpdf"

Use "QPDF" only for the QPDF class itself.