[
https://issues.apache.org/jira/browse/PDFBOX-6041?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andreas Lehmkühler reassigned PDFBOX-6041:
------------------------------------------
Assignee: Andreas Lehmkühler
> Potential StackOverflows in BaseParser
> --------------------------------------
>
> Key: PDFBOX-6041
> URL: https://issues.apache.org/jira/browse/PDFBOX-6041
> Project: PDFBox
> Issue Type: Bug
> Components: Parsing
> Affects Versions: 4.0.0
> Reporter: David Justamante
> Assignee: Andreas Lehmkühler
> Priority: Minor
> Labels: patch
> Attachments: example.pdf, patch.diff
>
>
> This issue is being manually filed by the competition organizers. We
> recognize there is a number of AI generated submissions as of late. We have
> gone through the manual process of bug/patch validation to prevent
> unnecessary "noise", respecting maintainers' time.
> This submission is being sent as part of DARPA's AIxCC competition.
> (https://aicyberchallenge.com) This issue was discovered by an autonomous
> Cyber Reasoning System (CRS) and validated by competition engineers. The
> patch was automatically constructed by the autonomous CRS, but validated by
> the competition engineers.
> There are three areas where the BaseParser recurses:
> {{{}parseCOSDictionary{}}}, {{parseCOSArray}} and {{{}parseDirObject{}}}.
> There are currently no checks on recursion depth. StackOverflows can be
> triggered by any recursive combination of calls that exceed {{{}-Xss{}}}.
> (AIxCC Internal: CHA-1731)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
