David Justamante created PDFBOX-6039:
----------------------------------------
Summary: Potential StackOverflow in COSUpdateState
Key: PDFBOX-6039
URL: https://issues.apache.org/jira/browse/PDFBOX-6039
Project: PDFBox
Issue Type: Bug
Affects Versions: 4.0.0
Reporter: David Justamante
Attachments: example.pdf, patch.diff
This issue is being *manually* filed by the competition organizers. We
recognize there is a number of AI generated submissions as of late. We have
gone through the manual process of bug/patch validation to prevent unnecessary
"noise", respecting maintainers' time.
This submission is being sent as part of DARPA's AIxCC competition.
(https://aicyberchallenge.com) This issue was discovered by an autonomous Cyber
Reasoning System (CRS) and validated by competition engineers. The patch was
manually constructed by the competition engineers.
Unlimited recursion can cause StackOverflow in UpdateInfo. We weren't sure what
the correct behavior/checks should be so we arbitrarily set a depth limit.
You'll know better how to prevent this.
(AIxCC Internal: CHA-1729)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
