[
https://issues.apache.org/jira/browse/PDFBOX-5339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17477790#comment-17477790
]
Andreas Lehmkühler commented on PDFBOX-5339:
--------------------------------------------
[~msahyoun] thanks for the pointer. You are right ERROR is too much. I've
lowered it to WARN, similar to the following messages. It is correct that
PDFBox is recovering from that issue but it omits the remaining part of the
dictionary in question which might lead to subsequent issues
> A list of bugs found (70 bugs in total)
> ---------------------------------------
>
> Key: PDFBOX-5339
> URL: https://issues.apache.org/jira/browse/PDFBOX-5339
> Project: PDFBox
> Issue Type: Bug
> Affects Versions: 2.0.25, 3.0.0 PDFBox
> Reporter: Huang Wenjie
> Priority: Minor
> Attachments: crash-4698e0dc7833a3f959d06707e01d03cda52a83f4
>
>
> 1. Unique Bugs Found
> Recently we (Zhang Cen, [https://github.com/occia] and Huang Wenjie
> [https://github.com/ZanderHuang]) discovered a series of bugs in latest
> pdfbox (3.0.0-alpha2).
> Every bug we reported in the following is unique and reproducable.
> Furthermore, they have been manually analyzed and triaged in removing the
> duplicates.
> Due to the lack of contextual knowledge in the pdfbox library, we cannot
> thoroughly fix some bugs hence we look forward to any proposed plan from the
> developers in fixing these bugs.
> 2. Bug Report and Crash Seeds
> The bug report folder can be downloaded from
> [https://drive.google.com/drive/folders/1TMOzudQOVXPKdZ1--NyusyV7kHRA2MSE?usp=sharing]
> It contains both reports and crash seeds.
> 3. Test Program to Reproduce Crashes
> The test program can be downloaded from
> [https://drive.google.com/file/d/1r0OsDC0vg8Qc-XtGg0XDKbxubaPozcBj/view?usp=sharing]
> Total 70 bugs are reported in this issue.
> A full list is provided below.
> 4. Folder structure
> - Level 1 (folder): exception type
> - Level 2 (folder): error location
> - Level 3 (files): POC file and report.txt including reproducing steps
> 5. report.txt content:
> 1. Exception type
> 2. Error location
> 3. Bug cause and impact
> 4. Crash thread's stacks
> 5. Steps to reproduce
>
> 6. Bug full list (crashes under java.lang.IllegalArgumentException and
> IllegalStateException should be wrapped instead of using the common exception
> types)
> pdfbox_reported_crashes
> ├── java.lang.ArrayIndexOutOfBoundsException
> │ ├─? org.apache.fontbox.cff.CFFParser.readString--CFFParser.java-781
> │ ├─= org.apache.fontbox.cff.Type1CharString.seac--Type1CharString.java-484
> │ ├─=
> org.apache.fontbox.ttf.HorizontalMetricsTable.getAdvanceWidth--HorizontalMetricsTable.java-113
> │ ├─=
> org.apache.pdfbox.filter.CCITTFaxDecoderStream.decode2D--CCITTFaxDecoderStream.java-218
> │ └──
> org.apache.pdfbox.pdfparser.PDFXrefStreamParser=ObjectNumbers.<init>--PDFXrefStreamParser.java-202
> ├── java.lang.ClassCastException
> │ ├─= org.apache.fontbox.cff.CFFParser.parseType1Dicts--CFFParser.java-765
> │ ├─=
> org.apache.fontbox.cmap.CMapParser.parseBeginbfrange--CMapParser.java-377
> │ ├─=
> org.apache.pdfbox.contentstream.operator.text.SetTextLeading.process--SetTextLeading.java-37
> │ ├─=
> org.apache.pdfbox.pdmodel.font.PDFont.getAverageFontWidth--PDFont.java-402
> │ ├─=
> org.apache.pdfbox.pdmodel.font.PDType1CFont.<init>--PDType1CFont.java-101
> │ └── org.apache.pdfbox.util.Matrix.<init>--Matrix.java-70
> ├── java.lang.IllegalArgumentException
> │ ├─=
> org.apache.fontbox.cff.CFFParser=DictData=Entry.getBoolean--CFFParser.java-1247
> │ ├─= org.apache.fontbox.cff.CFFParser.readCharset--CFFParser.java-1042
> │ ├─= org.apache.fontbox.cff.CFFParser.readEncoding--CFFParser.java-808
> │ ├─=
> org.apache.fontbox.cff.Type1CharString.callothersubr--Type1CharString.java-383
> │ ├─=
> org.apache.fontbox.cff.Type1CharString.handleType1Command--Type1CharString.java-319
> │ ├── org.apache.pdfbox.cos.COSObjectKey.<init>--COSObjectKey.java-54
> │ ├── org.apache.pdfbox.cos.COSObjectKey.<init>--COSObjectKey.java-58
> │ ├──
> org.apache.pdfbox.pdmodel.font.PDFontFactory.createDescendantFont--PDFontFactory.java-128
> │ ├──
> org.apache.pdfbox.pdmodel.font.PDFontFactory.createFont--PDFontFactory.java-100
> │ ├──
> org.apache.pdfbox.pdmodel.font.PDFontFactory.createFont--PDFontFactory.java-104
> │ ├─=
> org.apache.pdfbox.pdmodel.font.PDType1Font.<init>--PDType1Font.java-202
> │ └── org.apache.pdfbox.util.Matrix.checkFloatValues--Matrix.java-300
> ├── java.lang.IllegalStateException
> │ ├──
> org.apache.fontbox.cff.CFFCharsetCID.getSIDForGID--CFFCharsetCID.java-59
> │ └── org.apache.pdfbox.pdmodel.PDPageTree.sanitizeType--PDPageTree.java-261
> ├── java.lang.IndexOutOfBoundsException
> │ ├─=
> org.apache.fontbox.cff.CFFParser=DictData=Entry.getNumber--CFFParser.java-1229
> │ ├─=
> org.apache.fontbox.cff.Type1CharString.handleType1Command--Type1CharString.java-292
> │ ├──
> org.apache.fontbox.cff.Type2CharString.handleType2Command--Type2CharString.java-146
> │ ├─= org.apache.fontbox.util.BoundingBox.<init>--BoundingBox.java-65
> │ ├─=
> org.apache.pdfbox.contentstream.operator.text.SetTextLeading.process--SetTextLeading.java-37
> │ └── org.apache.pdfbox.cos.COSArray.getObject--COSArray.java-205
> ├── java.lang.NegativeArraySizeException
> │ └─=
> org.apache.pdfbox.pdfparser.PDFXrefStreamParser.parse--PDFXrefStreamParser.java-123
> ├── java.lang.NullPointerException
> │ ├─= org.apache.fontbox.cff.CFFParser.parseFont--CFFParser.java-486
> │ ├─= org.apache.fontbox.cff.CFFParser.readString--CFFParser.java-779
> │ ├── org.apache.fontbox.cmap.CMap.toInt--CMap.java-207
> │ ├─= org.apache.fontbox.type1.Token.intValue--Token.java-107
> │ ├─? org.apache.fontbox.type1.Type1Parser.parseASCII--Type1Parser.java-125
> │ ├─? org.apache.fontbox.type1.Type1Parser.parseBinary--Type1Parser.java-530
> │ ├─?
> org.apache.fontbox.type1.Type1Parser.readEncoding--Type1Parser.java-210
> │ ├─=
> org.apache.fontbox.type1.Type1Parser.readOtherSubrs--Type1Parser.java-714
> │ ├─=
> org.apache.fontbox.type1.Type1Parser.readPostScriptWrapper--Type1Parser.java-423
> │ ├─= org.apache.fontbox.type1.Type1Parser.readProc--Type1Parser.java-458
> │ ├─=
> org.apache.fontbox.type1.Type1Parser.readProcVoid--Type1Parser.java-492
> │ ├─= org.apache.fontbox.type1.Type1Parser.read--Type1Parser.java-852
> │ ├─=
> org.apache.pdfbox.pdmodel.encryption.PDEncryption.getFilter--PDEncryption.java-159
> │ ├─?
> org.apache.pdfbox.pdmodel.font.PDSimpleFont.getStandard14Width--PDSimpleFont.java-327
> │ ├─=
> org.apache.pdfbox.pdmodel.font.PDTrueTypeFont.codeToGID--PDTrueTypeFont.java-549
> │ ├─=
> org.apache.pdfbox.pdmodel.font.PDType1CFont.codeToName--PDType1CFont.java-270
> │ ├──
> org.apache.pdfbox.pdmodel.font.PDType1Font.codeToName--PDType1Font.java-552
> │ ├──
> org.apache.pdfbox.pdmodel.font.PDType3Font.generateBoundingBox--PDType3Font.java-321
> │ ├──
> org.apache.pdfbox.pdmodel.font.PDType3Font.generateBoundingBox--PDType3Font.java-334
> │ └─=
> org.apache.pdfbox.pdmodel.font.PDType3Font.getCharProc--PDType3Font.java-373
> ├── java.lang.NumberFormatException
> │ ├── org.apache.fontbox.cmap.CMapParser.parseNextToken--CMapParser.java-657
> │ ├── org.apache.fontbox.cmap.CMapParser.parseNextToken--CMapParser.java-661
> │ ├── org.apache.fontbox.type1.Token.floatValue--Token.java-112
> │ ├── org.apache.fontbox.type1.Token.intValue--Token.java-107
> │ └── org.apache.fontbox.type1.Type1Lexer.tryReadNumber--Type1Lexer.java-337
> ├── java.lang.StackOverflowError
> │ ├──
> org.apache.pdfbox.cos.COSDictionary.getCOSArray--COSDictionary.java-593
> │ ├──
> org.apache.pdfbox.cos.COSDictionary.getDictionaryObject--COSDictionary.java-178
> │ ├── org.apache.pdfbox.cos.COSName.equals--COSName.java-738
> │ ├─=
> org.apache.pdfbox.io.RandomAccessReadBuffer.read--RandomAccessReadBuffer.java-217
> │ ├─=
> org.apache.pdfbox.pdfparser.BaseParser.isValidUTF8--BaseParser.java-788
> │ ├── org.apache.pdfbox.pdmodel.PDPageTree.getKids--PDPageTree.java-156
> │ ├── org.apache.pdfbox.util.SmallMap.findKey--SmallMap.java-67
> │ └── org.apache.pdfbox.util.SmallMap.get--SmallMap.java-126
> └── java.nio.BufferUnderflowException
> ├── org.apache.fontbox.type1.Type1Lexer.getChar--Type1Lexer.java-93
> └──
> org.apache.fontbox.type1.Type1Lexer.readCharString--Type1Lexer.java-472
>
> 7. Crashes under IllegalArgumentException and IllegalStateException types
> A couple of crashes are found under IllegalArgumentException and
> IllegalStateException. These exceptions are caught and thrown by Pdfbox and
> they are not bugs but non standard way of handling exceptions.
> It will be better to standardize it by creating an exception wrapping for the
> intended exceptions.
>
> Any further discussion for these vulnerabilities including fix is welcomed
> and look forward to hearing from you.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
