Author: lehmi
Date: Mon May 30 17:00:06 2011
New Revision: 1129256
URL: http://svn.apache.org/viewvc?rev=1129256&view=rev
Log:
PDFBOX-771: ensure that the rows value of a CCITTFax encoded xobject doesn't
contain implausible data
Modified:
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecodeFilter.java
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/xobject/PDCcitt.java
Modified:
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecodeFilter.java
URL:
http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecodeFilter.java?rev=1129256&r1=1129255&r2=1129256&view=diff
==============================================================================
---
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecodeFilter.java
(original)
+++
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecodeFilter.java
Mon May 30 17:00:06 2011
@@ -71,9 +71,11 @@ public class CCITTFaxDecodeFilter implem
compressedData.read(compressed, 0, length);
int cols = decodeParms.getInt(COSName.COLUMNS, 1728);
int rows = decodeParms.getInt(COSName.ROWS, 0);
- if (rows == 0)
+ int height = options.getInt(COSName.HEIGHT, 0);
+ if (rows > 0 && height > 0)
{
- rows = options.getInt(COSName.HEIGHT);
+ // ensure that rows doesn't contain implausible data, see
PDFBOX-771
+ rows = Math.min(rows, height);
}
int k = decodeParms.getInt(COSName.K);
int arraySize = (cols + 7) / 8 * rows;
Modified:
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/xobject/PDCcitt.java
URL:
http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/xobject/PDCcitt.java?rev=1129256&r1=1129255&r2=1129256&view=diff
==============================================================================
---
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/xobject/PDCcitt.java
(original)
+++
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/xobject/PDCcitt.java
Mon May 30 17:00:06 2011
@@ -34,6 +34,7 @@ import org.apache.pdfbox.cos.COSArray;
import org.apache.pdfbox.cos.COSBase;
import org.apache.pdfbox.cos.COSDictionary;
import org.apache.pdfbox.cos.COSName;
+import org.apache.pdfbox.cos.COSStream;
import org.apache.pdfbox.io.RandomAccess;
import org.apache.pdfbox.pdmodel.PDDocument;
import org.apache.pdfbox.pdmodel.common.PDStream;
@@ -107,8 +108,8 @@ public class PDCcitt extends PDXObjectIm
public BufferedImage getRGBImage() throws IOException
{
BufferedImage retval = null;
- InputStream stream = getCOSStream().getUnfilteredStream();
- COSBase decodeP =
getPDStream().getStream().getDictionaryObject(COSName.DECODE_PARMS);
+ COSStream stream = getCOSStream();
+ COSBase decodeP = stream.getDictionaryObject(COSName.DECODE_PARMS);
COSDictionary decodeParms = null;
if (decodeP instanceof COSDictionary)
decodeParms = (COSDictionary)decodeP;
@@ -116,9 +117,11 @@ public class PDCcitt extends PDXObjectIm
decodeParms = (COSDictionary)((COSArray)decodeP).get(0);
int cols = decodeParms.getInt(COSName.COLUMNS, 1728);
int rows = decodeParms.getInt(COSName.ROWS, 0);
- if (rows == 0)
+ int height = stream.getInt(COSName.HEIGHT);
+ if (rows > 0 && height > 0)
{
- rows = getPDStream().getStream().getInt(COSName.HEIGHT);
+ // ensure that rows doesn't contain implausible data, see
PDFBOX-771
+ rows = Math.min(rows, height);
}
boolean blackIsOne = decodeParms.getBoolean(COSName.BLACK_IS_1, false);
@@ -135,7 +138,8 @@ public class PDCcitt extends PDXObjectIm
ByteArrayOutputStream baos = new ByteArrayOutputStream();
int bytesRead;
byte[] data = new byte[16384];
- while ((bytesRead = stream.read(data, 0, data.length)) != -1) {
+ InputStream unfilteredStream = stream.getUnfilteredStream();
+ while ((bytesRead = unfilteredStream.read(data, 0, data.length)) !=
-1) {
baos.write(data, 0, bytesRead);
}
baos.flush();
