[jira] [Comment Edited] (PDFBOX-6038) Potential StackOverflow in PDFStreamParser

Tue, 22 Jul 2025 11:54:04 -0700 


    [ 
https://issues.apache.org/jira/browse/PDFBOX-6038?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18009068#comment-18009068
 ] 

Tilman Hausherr edited comment on PDFBOX-6038 at 7/22/25 6:53 PM:
------------------------------------------------------------------

I couldn't reproduce it (maybe my stack is bigger than yours) but it makes 
sense to fix it. No, nesting isn't allowed.


was (Author: tilman):
I couldn't reproduce it (maybe my stack is bigger than yours) but it makes 
sense. No, nesting isn't allowed.

> Potential StackOverflow in PDFStreamParser
> ------------------------------------------
>
>                 Key: PDFBOX-6038
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-6038
>             Project: PDFBox
>          Issue Type: Bug
>          Components: Parsing
>    Affects Versions: 2.0.34, 3.0.5 PDFBox, 4.0.0
>            Reporter: David Justamante
>            Priority: Minor
>              Labels: patch
>             Fix For: 2.0.35, 3.0.6 PDFBox, 4.0.0
>
>         Attachments: data.bin, patch.diff
>
>
> This issue is being *manually* filed by the competition organizers. We 
> recognize there is a number of AI generated submissions as of late. We have 
> gone through the manual process of bug/patch validation to prevent 
> unnecessary "noise", respecting maintainers' time.  
> This submission is being sent as part of DARPA's AIxCC competition. 
> (https://aicyberchallenge.com) This issue was discovered by an autonomous 
> Cyber Reasoning System (CRS) and validated by competition engineers. The 
> patch was manually constructed by the competition engineers.
> BeginImage tags trigger recursion. If a stream has any number of {{BI}} 
> greater than {{{}-Xss{}}}, then a StackOverflow is triggered.
> Triggering code: 
> [https://github.com/google/oss-fuzz/blob/master/projects/pdfbox/project-parent/fuzz-targets/src/test/java/com/example/PDFStreamParserFuzzer.java#L39]
> The patch sets an arbitrary max depth. We didn't spend the time to determine 
> if any recursion is allowed within an inline image.
> (AIxCC Internal: CHA-1728)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

Reply via email to