[Podofo-users] CVE-2017-5855 and CVE-2017-6844

2018-04-15 Thread Mark Rogers
Hi, I’ve been trying to write unit tests for CVE-2017-5855 and CVE-2017-6844, and now think both are false positives due to a bug in Address Sanitizer triggered by large values passed to std::vector::resize(). The issues were both found with American Fuzzy Lop (AFL) and Address Sanitizer (ASAN).

[Podofo-users] [PATCH] PoDoFo: fix CVE-2018-5296 by reducing limit in s_nMaxObjects

2018-04-15 Thread Mark Rogers
Hi, here’s a simple patch for CVE-2018-5296 – it reduces the limit returned by GetMaxObjectCount from std::numeric_limits::max() to 8,388,607, which is the limit for the maximum number of indirect objects specified in Table C.1 in Appendix C.2, Architectural Limits, in PDF 32000-1:2008. Best Re
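The following C++ is an added example and is not Mark Rogers's patch or PoDoFo's own code. It illustrates both messages above: the first, where a huge untrusted count handed straight to std::vector::resize() fails inside the allocator path, and the second, where the count is bounded by the PDF 32000-1:2008 Table C.1 limit of 8,388,607 indirect objects before any allocation is attempted. The trailer strings are constructed inputs; the ObjectStub type, the function names and the /Size parsing helper are assumptions made for the illustration, not PoDoFo APIs.

```cpp
// Added example (not PoDoFo code): bound an untrusted object count by the
// PDF 32000-1:2008 architectural limit before resizing a std::vector.
#include <cerrno>
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <iostream>
#include <limits>
#include <stdexcept>
#include <string>
#include <vector>

// PDF 32000-1:2008, Annex C, Table C.1: maximum number of indirect objects.
constexpr std::int64_t kMaxPdfIndirectObjects = 8388607;

// Hypothetical per-object bookkeeping entry (assumption for the example).
struct ObjectStub {
    std::int64_t offset = 0;
};

// Pull the integer after /Size out of a trailer dictionary. Returns false
// when the key is missing or the value does not fit in a long long (strtoll
// reports ERANGE); the caller must treat that as malformed input, not as 0.
bool parse_trailer_size(const std::string& trailer, std::int64_t& size) {
    const std::size_t pos = trailer.find("/Size");
    if (pos == std::string::npos) return false;
    const char* begin = trailer.c_str() + pos + 5;  // strtoll skips the blanks
    char* end = nullptr;
    errno = 0;
    const long long v = std::strtoll(begin, &end, 10);
    if (end == begin || errno == ERANGE) return false;
    size = static_cast<std::int64_t>(v);
    return true;
}

// Unhardened pattern: trust the count from the file and resize directly.
// A hostile count is only stopped inside the library: std::length_error
// when it exceeds max_size(), std::bad_alloc when the allocator refuses,
// and under ASAN a large request can surface as an allocation-size report.
bool reserve_objects_unchecked(std::int64_t count, std::vector<ObjectStub>& out) {
    try {
        out.resize(static_cast<std::size_t>(count));  // negative wraps to huge
        return true;
    } catch (const std::exception&) {
        return false;
    }
}

// Hardened pattern: reject negative or over-limit counts before any
// allocation, so a crafted /Size never reaches the allocator at all.
bool reserve_objects_checked(std::int64_t count, std::vector<ObjectStub>& out) {
    if (count < 0 || count > kMaxPdfIndirectObjects) {
        return false;  // caller reports a malformed trailer / xref
    }
    out.resize(static_cast<std::size_t>(count));
    return true;
}

// Parse the trailer and size the object table with the checked path.
// Returns the accepted count, or -1 if the trailer is missing /Size,
// overflows, or exceeds the spec limit.
std::int64_t prepare_object_table(const std::string& trailer,
                                  std::vector<ObjectStub>& out) {
    std::int64_t size = 0;
    if (!parse_trailer_size(trailer, size)) return -1;
    if (!reserve_objects_checked(size, out)) return -1;
    return size;
}

int main() {
    // Constructed sample trailers: one sane, one just over the Table C.1 limit.
    const std::string good = "trailer\n<< /Size 42 /Root 1 0 R >>";
    const std::string huge = "trailer\n<< /Size 8388608 /Root 1 0 R >>";
    std::vector<ObjectStub> objs;
    std::cout << "good trailer -> " << prepare_object_table(good, objs) << '\n';
    std::cout << "huge trailer -> " << prepare_object_table(huge, objs) << '\n';
    std::cout << "unchecked INT64_MAX resize ok? "
              << reserve_objects_unchecked(
                     std::numeric_limits<std::int64_t>::max(), objs)
              << '\n';
    return 0;
}
```

The point of the checked path is that the decision is made on the parsed integer, not on what the allocator happens to do with it: a value that is merely "large" (say a few hundred million) would pass std::vector::max_size() and actually try to allocate gigabytes, which is exactly the situation a fuzzer hits, whereas comparing against the specification's own ceiling rejects it deterministically.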