core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp - Issue 501823003: Perform better input checks in early steps of parser.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp

Issue 501823003: Perform better input checks in early steps of parser. (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master

Patch Set: Untabify Created 6 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp

diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp

index e0fd3bfaeecea13e1b023d68982f3d35897ff2b9..d2a02d0177d686878bbd6f9460b292d3b09e566c 100644

--- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp

+++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp

@@ -158,10 +158,17 @@ FX_DWORD CPDF_Parser::StartParse(IFX_FileRead* pFileAccess, FX_BOOL bReParse, FX

}

m_Syntax.InitParser(pFileAccess, offset);

FX_BYTE ch;

- m_Syntax.GetCharAt(5, ch);

+ if (!m_Syntax.GetCharAt(5, ch) || ch < '0' || ch > '9') {

jun_fang 2014/08/25 19:44:04 This is used to parse file version which is not im

Tom Sepez 2014/08/25 20:05:32 Ok. I'll keep going but ingore out-of-range value

+ return PDFPARSE_ERROR_FORMAT;

+ }

m_FileVersion = (ch - '0') * 10;

- m_Syntax.GetCharAt(7, ch);

+ if (!m_Syntax.GetCharAt(7, ch) || ch < '0' || ch > '9') {

+ return PDFPARSE_ERROR_FORMAT;

+ }

m_FileVersion += ch - '0';

+ if (m_Syntax.m_FileLen < m_Syntax.m_HeaderOffset + 9) {

+ return PDFPARSE_ERROR_FORMAT;

+ }

m_Syntax.RestorePos(m_Syntax.m_FileLen - m_Syntax.m_HeaderOffset - 9);

if (!bReParse) {

m_pDocument = FX_NEW CPDF_Document(this);

« no previous file with comments | « no previous file | no next file » | no next file with comments »