Dne 16.7.2013 21:40, Dominik Seichter napsal(a):
Thanks for pointing this out. Are you able to provide a patch for this? Is it enough to insert something like: outLen = PDF_MAX(outLen, 16) ?
Hi,
the attached patch makes it survive (PDF referenec says how to pad and
enlarge the buffer), but it doesn't fix AES decoder as such. I attached
some test PDFs, created with PoDoFo. They have set "user" and "owner"
passwords. The RC4 encrypted passwords are read correctly, at least when
I check outStr at PdfEncryptRC4::Decrypt, but the same documents
encrypted with AES show garbage at PdfEncryptAESV2::Decrypt. Acrobar
Reader opens the files without any issue.
Hope it helps,
zyx
encrypt-aesv2.pdf
Description: Adobe PDF document
Description: Adobe PDF document
Description: Adobe PDF document
Description: Adobe PDF documentIndex: src/podofo/base/PdfString.cpp =================================================================== --- src/podofo/base/PdfString.cpp (revision 119) +++ src/podofo/base/PdfString.cpp (working copy) @@ -303,20 +303,20 @@ void PdfString::SetHexData( const char* if( pEncrypt ) { - pdf_long outBufferLen = m_buffer.GetSize()-2 - pEncrypt->CalculateStreamOffset(); - PdfRefCountedBuffer outBuffer(outBufferLen); + pdf_long outBufferLen = m_buffer.GetSize() - 2 - pEncrypt->CalculateStreamOffset(); + PdfRefCountedBuffer outBuffer(outBufferLen + 16 - (outBufferLen % 16)); pEncrypt->Decrypt( reinterpret_cast<unsigned char*>(m_buffer.GetBuffer()), static_cast<unsigned int>(m_buffer.GetSize()-2), reinterpret_cast<unsigned char*>(outBuffer.GetBuffer()), - static_cast<unsigned int>(outBuffer.GetSize())); + static_cast<unsigned int>(outBufferLen)); // Replace buffer with decrypted value m_buffer = outBuffer; } // Now check for the first two bytes, to see if we got a unicode string - if( m_buffer.GetSize()-2 > 2 ) + if( m_buffer.GetSize() > 4 ) { m_bUnicode = (m_buffer.GetBuffer()[0] == static_cast<char>(0xFE) && m_buffer.GetBuffer()[1] == static_cast<char>(0xFF)); Index: src/podofo/base/PdfTokenizer.cpp =================================================================== --- src/podofo/base/PdfTokenizer.cpp (revision 119) +++ src/podofo/base/PdfTokenizer.cpp (working copy) @@ -716,7 +716,7 @@ void PdfTokenizer::ReadString( PdfVarian if( pEncrypt ) { pdf_long outLen = m_vecBuffer.size() - pEncrypt->CalculateStreamOffset(); - char * outBuffer = new char[outLen]; + char * outBuffer = new char[outLen + 16 - (outLen % 16)]; pEncrypt->Decrypt( reinterpret_cast<unsigned char*>(&(m_vecBuffer[0])), static_cast<unsigned int>(m_vecBuffer.size()), reinterpret_cast<unsigned char*>(outBuffer), outLen);------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk_______________________________________________ Podofo-users mailing list Podofo-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/podofo-users
