Alex Rebert created PDFBOX-4623:
-----------------------------------
Summary: COSParser: Infinite recursion
Key: PDFBOX-4623
URL: https://issues.apache.org/jira/browse/PDFBOX-4623
Project: PDFBox
Issue Type: Bug
Components: Parsing
Affects Versions: 2.0.16
Environment: java version "12" 2019-03-19
Java(TM) SE Runtime Environment (build 12+33)
Java HotSpot(TM) 64-Bit Server VM (build 12+33, mixed mode, sharing)
MacOS Mojave
Reporter: Alex Rebert
Attachments: infinite-recursion.pdf
Parsing an invalid PDF can lead to an infinite recursion in COSParser, which
results in a StackOverflowError.
*Steps to repro*
# Download malformed PDF (attached)
# {{Run: java -jar pdfbox-app-2.0.16.jar ExtractText infinite-recursion.pdf}}
*Stacktrace*
{noformat}
Exception in thread "main" java.lang.StackOverflowError [1005/1916]
at java.base/sun.nio.cs.UTF_8.updatePositions(UTF_8.java:79)
at java.base/sun.nio.cs.UTF_8$Decoder.xflow(UTF_8.java:210)
at java.base/sun.nio.cs.UTF_8$Decoder.decodeArrayLoop(UTF_8.java:321)
at java.base/sun.nio.cs.UTF_8$Decoder.decodeLoop(UTF_8.java:414)
at java.base/java.nio.charset.CharsetDecoder.decode(CharsetDecoder.java:578)
at java.base/java.nio.charset.CharsetDecoder.decode(CharsetDecoder.java:801)
at org.apache.pdfbox.pdfparser.BaseParser.isValidUTF8(BaseParser.java:787)
at org.apache.pdfbox.pdfparser.BaseParser.parseCOSName(BaseParser.java:768)
at org.apache.pdfbox.pdfparser.BaseParser.parseDirObject(BaseParser.java:887)
at
org.apache.pdfbox.pdfparser.BaseParser.parseCOSDictionaryValue(BaseParser.java:154)
at
org.apache.pdfbox.pdfparser.BaseParser.parseCOSDictionaryNameValuePair(BaseParser.java:283)
at
org.apache.pdfbox.pdfparser.BaseParser.parseCOSDictionary(BaseParser.java:216)
at org.apache.pdfbox.pdfparser.BaseParser.parseDirObject(BaseParser.java:867)
at org.apache.pdfbox.pdfparser.COSParser.parseFileObject(COSParser.java:912)
at
org.apache.pdfbox.pdfparser.COSParser.parseObjectDynamically(COSParser.java:881)
at
org.apache.pdfbox.pdfparser.COSParser.parseObjectDynamically(COSParser.java:801)
at org.apache.pdfbox.pdfparser.COSParser.getLength(COSParser.java:1055)
at org.apache.pdfbox.pdfparser.COSParser.parseCOSStream(COSParser.java:1114)
at org.apache.pdfbox.pdfparser.COSParser.parseFileObject(COSParser.java:920)
at
org.apache.pdfbox.pdfparser.COSParser.parseObjectDynamically(COSParser.java:881)
at
org.apache.pdfbox.pdfparser.COSParser.parseObjectDynamically(COSParser.java:801)
at org.apache.pdfbox.pdfparser.COSParser.getLength(COSParser.java:1055)
at org.apache.pdfbox.pdfparser.COSParser.parseCOSStream(COSParser.java:1114)
at org.apache.pdfbox.pdfparser.COSParser.parseFileObject(COSParser.java:920)
at
org.apache.pdfbox.pdfparser.COSParser.parseObjectDynamically(COSParser.java:881)
at
org.apache.pdfbox.pdfparser.COSParser.parseObjectDynamically(COSParser.java:801)
at org.apache.pdfbox.pdfparser.COSParser.getLength(COSParser.java:1055)
at org.apache.pdfbox.pdfparser.COSParser.parseCOSStream(COSParser.java:1114)
at org.apache.pdfbox.pdfparser.COSParser.parseFileObject(COSParser.java:920)
at
org.apache.pdfbox.pdfparser.COSParser.parseObjectDynamically(COSParser.java:881)
at
org.apache.pdfbox.pdfparser.COSParser.parseObjectDynamically(COSParser.java:801)
at org.apache.pdfbox.pdfparser.COSParser.getLength(COSParser.java:1055)
at org.apache.pdfbox.pdfparser.COSParser.parseCOSStream(COSParser.java:1114)
...
{noformat}
The files was generated by fuzzing and is (probably) not a valid PDF file.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
