[
https://issues.apache.org/jira/browse/PDFBOX-3888?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17061441#comment-17061441
]
Tilman Hausherr commented on PDFBOX-3888:
-----------------------------------------
Thanks, and no, this code was written related to the [Mar 8 '19 at
16:16|https://stackoverflow.com/questions/55049270/how-can-i-prevent-universal-signature-forgery-usf-incremental-saving-attack#comment96881624_55062177]
comment by mkl in [https://stackoverflow.com/questions/55049270] and with a
"verify everything, trust nothing" mindset related to the work by
[https://pdf-insecurity.org/] .
> Refactor COSParser
> ------------------
>
> Key: PDFBOX-3888
> URL: https://issues.apache.org/jira/browse/PDFBOX-3888
> Project: PDFBox
> Issue Type: Improvement
> Components: Parsing
> Affects Versions: 3.0.0 PDFBox
> Reporter: Andreas Lehmkühler
> Assignee: Andreas Lehmkühler
> Priority: Major
> Labels: parsing
> Fix For: 3.0.0 PDFBox
>
>
> The COSParser contains a lot of stuff which is more or less hard to
> understand/maintain. I'm going to refactor some of the code as follows
> - separate the bruteforce stuff maybe in its own class
> - separate the parsing of the xref data maybe in its own class
> - lay the foundation for the on demand parser
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
