[ https://issues.apache.org/jira/browse/PDFBOX-4360?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16664098#comment-16664098 ]
Tilman Hausherr commented on PDFBOX-4360: ----------------------------------------- I suspect that all that needs to be done is to enlarge the array to add lots of {{-1}}. > ArrayIndexOutOfBoundsException in ASCIIHexFilter > ------------------------------------------------ > > Key: PDFBOX-4360 > URL: https://issues.apache.org/jira/browse/PDFBOX-4360 > Project: PDFBox > Issue Type: Bug > Affects Versions: 2.0.12 > Reporter: Robin Schimpf > Priority: Minor > Attachments: ArrayIndexOutOfBoundsException ASCIIHexFilter#decode > > > Fuzzing PDF loading with [JQF|https://github.com/rohanpadhye/jqf] triggered > an ArrayIndexOutOfBoundsException. > {code:java} > java.lang.ArrayIndexOutOfBoundsException: 172 > at > org.apache.pdfbox.filter.ASCIIHexFilter.decode(ASCIIHexFilter.java:83) > at org.apache.pdfbox.filter.Filter.decode(Filter.java:87) > at org.apache.pdfbox.cos.COSInputStream.create(COSInputStream.java:77) > at org.apache.pdfbox.cos.COSStream.createInputStream(COSStream.java:175) > at org.apache.pdfbox.cos.COSStream.createInputStream(COSStream.java:163) > at > org.apache.pdfbox.pdfparser.PDFObjectStreamParser.<init>(PDFObjectStreamParser.java:55) > at > org.apache.pdfbox.pdfparser.COSParser.parseObjectStream(COSParser.java:977) > at > org.apache.pdfbox.pdfparser.COSParser.retrieveCOSDictionary(COSParser.java:2277) > at > org.apache.pdfbox.pdfparser.COSParser.searchForTrailerItems(COSParser.java:2235) > at > org.apache.pdfbox.pdfparser.COSParser.rebuildTrailer(COSParser.java:2216) > at > org.apache.pdfbox.pdfparser.COSParser.retrieveTrailer(COSParser.java:279) > at > org.apache.pdfbox.pdfparser.PDFParser.initialParse(PDFParser.java:171) > at org.apache.pdfbox.pdfparser.PDFParser.parse(PDFParser.java:220) > at org.apache.pdfbox.pdmodel.PDDocument.load(PDDocument.java:1160) > at org.apache.pdfbox.pdmodel.PDDocument.load(PDDocument.java:1057) > ... > {code} > The Code used for fuzzing is > {code:java} > PDDocument.load(inputStream) > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org