Hello Mark, hello all, > On 15 April 2018 at 22:06 Mark Rogers <mark.rog...@powermapper.com> wrote: > > > Hi > > > Here’s a simple patch for CVE-2018-5296 – it reduces the limit returned > by GetMaxObjectCount from std::numeric_limits::max() to 8,388,607 which > is the limit for for the maximum number of indirect objects specified > in Table C.1 in Appendix C.2 Architectural Limits in PDF 32000-1:2008 > the standard says there the limits are 32-bit systems whereas PoDoFo uses 64-bit types in many places, therefore I'm feeling a bit uneasy with the patch: Can anyone please shed some more light on this issue?
> > Best Regards > > > Mark > Best regards, mabri ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Podofo-users mailing list Podofo-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/podofo-users
