Hello,
Recursion is at many places, not only in PdfParser, I have feeling
everywhere where is recursion in pdf structures like trees, for example
GetPageNode in PdfPagesTree. There is no problem to create small pdf with
too large depth, also this can be cycled via references and I am now not
sure whether is this treated. But what would be safe maximum recursion
depth, maybe 10-100? Maybe better would be to avoid it and use queues or
deques, heap is larger than stack and memory allocation fault can be
checked better than size of stack.
On Thu, Feb 1, 2018 at 12:46 AM, Matthew Brincke <ma...@mailbox.org> wrote:
> [ grammar fix in quoted text ]
>
> Hello Dominik, hello all,
>
> Dominik Seichter <domseich...@googlemail.com> wrote on 27 January 2018,
> 13:23:
> >
> >
> > Hi Matthew et al.,
> >
> >
> > On Fri, Jan 26, 2018 at 11:35 PM, Matthew Brincke <ma...@mailbox.org>
> wrote:
> >
> >> [ Left Dominik in To to help him follow this thread, fixed text typos ]
> >>
> >> Hello Dominik, hello all,
> >>
> >>> Dominik Seichter via Podofo-users has written on 26 January 2018 at
> 17:37:
> >>>
> >>>
> >>> Hi Mattia,
> >>>
> >>> Thanks for the good summary! Let me comment on the open issues.
> >>>
> >>> Unfixed security issues:
> >> ... snip ...
> >>>
> >>> https://security-tracker.debian.org/tracker/CVE-2017-8053
> >>> -> Please see proposed patch in attachment. Can somebody test/review?
> >>>
> >>
> >> In line 13 of the patch, there are typos, it should be "already
> visited",
> >> line 14 doesn't really fit (which object?), and in general, shouldn't
> >> there be a maximum recursion depth which is checked for, to prevent a
> >> stack overflow? AFAICS there is no standard function/method to check
> >> available stack space ;-( ...
> >
> > Yes, typos fixed and line 14 removed. Also agreed, that a maximum check
> > might be nice. Still, the patch should address the main issue of being
> > vulnerable to certain PDF files.
>
> AIUI without a check for a maximum recursion depth files can be crafted,
> maximally some MiB large, which cause so deep recursion that the (default)
> stack size is exhausted and, therefore, a stack overflow occurs. For that
> reason, Dominik, please include the check in your fix for CVE-2017-8053.
>
> >
> > Best regards,
> > Dominik
>
> Best regards, mabri
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Podofo-users mailing list
> Podofo-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/podofo-users
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
