Hi,
thank you for your testing.
There was an other place where the PdfString with two trailing zeros was
not handled correctly.
So for me your test shows the following failures:
- "Producer not set as expected 'test', but 'test' instead" for both RC4
- "Producer not set as expected 'test', but 'test♀♀♀♀♀♀♀♀♀♀♀♀' instead"
for both AES
The GetStringUtf8() in your test cuts off the last two characters, which
should be the two trailing zeros.
But in PdfString::SetHexData for encrypted strings the adding of the two
trailing zeros was missing.
So with the old version it works because PoDoFo was putting the two
trailing zeros inside the encrypted string.
But if you try to read a PDF that was crated by an other application,
there are no trailing zeros inside the encrypted strings.
And PoDoFo cuts off the last two characters of the real string.
So attached is the new patch including the fix for PdfString::SetHexData.
Than the test shows four times "OK".
Bye
Andreas
Am 28.04.2015 um 20:51 schrieb zyx:
On Tue, 2015-04-14 at 18:28 +0200, Andreas Brzesowsky wrote:
So please check my changes and add them to the repository.
Hi,
I tried your change on top of revision 1670 and the attached
encrypt.cpp test and it fails on AES encryptions, while without the
patch the test succeeds.
Could you have a look, please?
Bye,
zyx
--
dots <http://www.dots.de/en/>
Andreas Brzesowsky
dots Software GmbH
Schlesische Str. 27, 10997 Berlin, Germany
Phone: +49 (0)30 695 799-34, Fax: +49 (0)30 695 799-55
andreas.brzesow...@dots.de <mailto:andreas.brzesow...@dots.de>
http://www.dots.de <http://www.dots.de/>
Amtsgericht (District Court): Berlin Charlottenburg HRB 65201
Geschäftsführer (Managing Directors): Olaf Lorenz
Follow us on: Twitter <http://www.dots.de/?id=twitter> Youtube
<http://www.dots.de/?id=youtube> Xing <http://www.dots.de/?id=xing>
Index: src/base/PdfObjectStreamParserObject.cpp
===================================================================
--- src/base/PdfObjectStreamParserObject.cpp (revision 1670)
+++ src/base/PdfObjectStreamParserObject.cpp (working copy)
@@ -100,7 +100,8 @@
// use a second tokenizer here so that anything that gets
dequeued isn't left in the tokenizer that reads the offsets and lengths
PdfTokenizer variantTokenizer( device, m_buffer );
- if( m_pEncrypt && m_pEncrypt->GetEncryptAlgorithm() ==
PdfEncrypt::ePdfEncryptAlgorithm_AESV2 )
+ if( m_pEncrypt && (m_pEncrypt->GetEncryptAlgorithm() ==
PdfEncrypt::ePdfEncryptAlgorithm_AESV2
+ || m_pEncrypt->GetEncryptAlgorithm() ==
PdfEncrypt::ePdfEncryptAlgorithm_RC4V2) )
variantTokenizer.GetNextVariant( var, 0 ); // Stream is
already decrypted
else
variantTokenizer.GetNextVariant( var, m_pEncrypt );
Index: src/base/PdfString.cpp
===================================================================
--- src/base/PdfString.cpp (revision 1670)
+++ src/base/PdfString.cpp (working copy)
@@ -109,7 +109,7 @@
Init( pszString, strlen( pszString ) );
}
-#if defined(_MSC_VER) && _MSC_VER <= 1200 // nicht fόr
Visualstudio 6
+#if defined(_MSC_VER) && _MSC_VER <= 1200 // nicht fοΏ½r
Visualstudio 6
#else
PdfString::PdfString( const wchar_t* pszString, pdf_long lLen )
{
@@ -315,7 +315,11 @@
static_cast<unsigned int>(m_buffer.GetSize()-2),
reinterpret_cast<unsigned
char*>(outBuffer.GetBuffer()),
outBufferLen);
- outBuffer.Resize(outBufferLen);
+ // Add trailing pair of zeros
+ outBuffer.Resize(outBufferLen + 2);
+ outBuffer.GetBuffer()[outBufferLen] = '\0';
+ outBuffer.GetBuffer()[outBufferLen + 1] = '\0';
+
// Replace buffer with decrypted value
m_buffer = outBuffer;
}
@@ -344,7 +348,7 @@
// Now we are not encrypting the empty strings (was access violation)!
if( pEncrypt && m_buffer.GetSize())
{
- pdf_long nInputBufferLen = m_buffer.GetSize();
+ pdf_long nInputBufferLen = m_buffer.GetSize() - 2; // Cut off the
trailing pair of zeros
pdf_long nUnicodeMarkerOffet = sizeof( PdfString::s_pszUnicodeMarker );
if( m_bUnicode )
nInputBufferLen += nUnicodeMarkerOffet;
@@ -354,10 +358,10 @@
if( m_bUnicode )
{
memcpy(pInputBuffer, PdfString::s_pszUnicodeMarker,
nUnicodeMarkerOffet);
- memcpy(&pInputBuffer[nUnicodeMarkerOffet], m_buffer.GetBuffer(),
m_buffer.GetSize());
+ memcpy(&pInputBuffer[nUnicodeMarkerOffet], m_buffer.GetBuffer(),
nInputBufferLen - nUnicodeMarkerOffet);
}
else
- memcpy(pInputBuffer, m_buffer.GetBuffer(), m_buffer.GetSize());
+ memcpy(pInputBuffer, m_buffer.GetBuffer(), nInputBufferLen);
pdf_long nOutputBufferLen =
pEncrypt->CalculateStreamLength(nInputBufferLen);
@@ -378,7 +382,7 @@
if( m_buffer.GetSize() )
{
char* pBuf = m_buffer.GetBuffer();
- pdf_long lLen = m_buffer.GetSize() - 2;
+ pdf_long lLen = m_buffer.GetSize() - 2; // Cut off the trailing pair
of zeros
if( m_bHex )
{
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
