On 2015-09-11 06:59, Even Rouault wrote:
Hi,
here's a V2 implementing suggested changes.
Best regards,
Even
From 0001-Catalog-getNumPages-validate-page-count.patch:
@@ -856,6 +856,18 @@ int Catalog::getNumPages()
}
} else {
numPages = (int)obj.getNum();
+ if (numPages <= 0 ) {
+ error(errSyntaxError, -1,
+ "Invalid page count {0:d}", numPages);
+ numPages = 0;
+ }
+ else if (numPages > xref->getNumObjects()) {
+ error(errSyntaxError, -1,
+ "Page count ({0:d}) larger than number of objects
({1:d})",
+ numPages, xref->getNumObjects());
+ numPages = 0;
+ }
+
}
catDict.free();
I know I said I liked the idea of comparing the number of pages to the
number
of objects, but on second thought, I think I could make a PDF that was
just
many copies of the same page so it would be a completely valid PDF that
has
more pages than objects. I don't know of a good way to validate the
page
count. Even going through the page tree might be hard to do right
without
leading to an infinite loop, in addition to being slow.
_______________________________________________
poppler mailing list
poppler@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/poppler
