On Sun, 2016-05-08 at 17:46 +0000, zyx wrote: > On Sat, 2016-05-07 at 09:29 -0500, Mark Rogers wrote:>> Is the behaviour in > PdfString intentional or should it be patched as >> below?
> Hi, > (mostly :) ) no bug is intentional, one change had been done in > revision 610 and one at revision 642 (see the commit comments). > https://sourceforge.net/p/podofo/code/610 > https://sourceforge.net/p/podofo/code/642 > My understanding of the changes is that the expectation is that the > internal buffer has stored the strings in unicode with a null- > terminating character, which is 2 bytes long in the raw buffer. Hi all, please also note what I wrote on this topic in a different, earlier thread: Message-ID: <1999657706.870025.1453662574817.javamail.ya...@mail.yahoo.com>, archive Web URL https://sourceforge.net/p/podofo/mailman/message/34791645/ titled "PdfString with negative length" where I reviewed a patch for that from a security researcher, and asked for some fixes to that, but nothing came of it, either on the list, or personally to me. > Did you manage to reproduce this with a certain PDF file content, or by > creating the PdfString instance in some code from scratch? That's also interesting for me, please share. > Thanks and bye, > zyx Best regards, mabri ------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j _______________________________________________ Podofo-users mailing list Podofo-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/podofo-users
