Author: tilman
Date: Wed Jul 23 08:27:39 2025
New Revision: 1927419
Log:
PDFBOX-6044: avoid potential OOM
Modified:
pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/pfb/PfbParser.java
Modified:
pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/pfb/PfbParser.java
==============================================================================
---
pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/pfb/PfbParser.java
Wed Jul 23 08:27:35 2025 (r1927418)
+++
pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/pfb/PfbParser.java
Wed Jul 23 08:27:39 2025 (r1927419)
@@ -145,7 +145,7 @@ public class PfbParser
List<Integer> typeList = new ArrayList<Integer>(3);
List<byte[]> barrList = new ArrayList<byte[]>(3);
ByteArrayInputStream in = new ByteArrayInputStream(pfb);
- int total = 0;
+ long total = 0;
do
{
int r = in.read();
@@ -195,8 +195,13 @@ public class PfbParser
// We now have ASCII and binary segments. Lets arrange these so that
the ASCII segments
// come first, then the binary segments, then the last ASCII segment
if it is
// 0000... cleartomark
-
- pfbdata = new byte[total];
+
+ if (total > pfb.length)
+ {
+ // PDFBOX-6044: avoid potential OOM
+ throw new IOException("total record size " + total + " would be
larger than the input");
+ }
+ pfbdata = new byte[(int) total];
byte[] cleartomarkSegment = null;
int dstPos = 0;
