Author: tilman
Date: Wed Jul 23 08:10:35 2025
New Revision: 1927414
Log:
PDFBOX-6044: avoid potential OOM
Modified:
pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/pfb/PfbParser.java
Modified:
pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/pfb/PfbParser.java
==============================================================================
--- pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/pfb/PfbParser.java
Wed Jul 23 08:10:32 2025 (r1927413)
+++ pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/pfb/PfbParser.java
Wed Jul 23 08:10:35 2025 (r1927414)
@@ -154,6 +154,11 @@ public class PfbParser
size += in.read() << 16;
size += in.read() << 24;
LOG.debug("record type: {}, segment size: {}", recordType, size);
+ if (size > pfb.length)
+ {
+ // PDFBOX-6044: avoid potential OOM
+ throw new IOException("record size " + size + "would be larger
than the input");
+ }
byte[] ar = new byte[size];
int got = in.read(ar);
if (got != size)
