poppler/Lexer.cc | 32 +++++++++++++++++++++++++------- poppler/Object.cc | 5 ++++- poppler/Object.h | 14 +++++++++++--- poppler/SecurityHandler.cc | 22 ++++++++++++++++++++++ 4 files changed, 62 insertions(+), 11 deletions(-)
New commits: commit e7a5e9f70ee1283a2ca6734552d905279c97989b Author: Albert Astals Cid <[email protected]> Date: Fri Jun 4 08:46:33 2010 +0100 a bit of docu diff --git a/poppler/Object.h b/poppler/Object.h index a71dca8..2b9f20c 100644 --- a/poppler/Object.h +++ b/poppler/Object.h @@ -99,7 +99,7 @@ enum ObjType { objNone, // uninitialized object // poppler-only objects - objUint // overflown integer + objUint // overflown integer that still fits in a unsigned integer }; #define numObjTypes 15 // total number of object types commit 9ff4dab2558f7c2700fd7fcaccacdad9619dbdda Author: Albert Astals Cid <[email protected]> Date: Fri Jun 4 08:44:34 2010 +0100 Add support for unsigned integer numbers So files store their P as a 32 bit unsigned instead of as a 32 bit signed, making us to overflow our objInt parsing and rejecting to open the file, this patch introduces objUint that only happens when the number is not real, does not fit in a 32 bit integer but still fits in a 32 bit unsigned integer diff --git a/poppler/Lexer.cc b/poppler/Lexer.cc index 60bb09e..6250d40 100644 --- a/poppler/Lexer.cc +++ b/poppler/Lexer.cc @@ -13,9 +13,9 @@ // All changes made under the Poppler project to this file are licensed // under GPL version 2 or later // -// Copyright (C) 2010 Carlos Garcia Campos <[email protected]> -// Copyright (C) 2006-2009 Albert Astals Cid <[email protected]> +// Copyright (C) 2006-2010 Albert Astals Cid <[email protected]> // Copyright (C) 2006 Krzysztof Kowalczyk <[email protected]> +// Copyright (C) 2010 Carlos Garcia Campos <[email protected]> // // To see a description of the changes please see the Changelog file that // came with your tarball or type make ChangeLog if you are building from git @@ -154,10 +154,11 @@ int Lexer::lookChar() { Object *Lexer::getObj(Object *obj, int objNum) { char *p; int c, c2; - GBool comment, neg, done, overflownInteger; + GBool comment, neg, done, overflownInteger, overflownUnsignedInteger; int numParen; int xi; - double xf, scale; + unsigned int xui = 0; + double xf = 0, scale; GooString *s; int n, m; @@ -185,6 +186,7 @@ Object *Lexer::getObj(Object *obj, int objNum) { case '5': case '6': case '7': case '8': case '9': case '+': case '-': case '.': overflownInteger = gFalse; + overflownUnsignedInteger = gFalse; neg = gFalse; xi = 0; if (c == '-') { @@ -199,12 +201,22 @@ Object *Lexer::getObj(Object *obj, int objNum) { if (isdigit(c)) { getChar(); if (unlikely(overflownInteger)) { - xf = xf * 10.0 + (c - '0'); + if (overflownUnsignedInteger) { + xf = xf * 10.0 + (c - '0'); + } else { + overflownUnsignedInteger = gTrue; + xf = xui * 10.0 + (c - '0'); + } } else { if (unlikely(xi > IntegerSafeLimit) && (xi > (INT_MAX - (c - '0')) / 10.0)) { overflownInteger = gTrue; - xf = xi * 10.0 + (c - '0'); + if (xi > (UINT_MAX - (c - '0')) / 10.0) { + overflownUnsignedInteger = gTrue; + xf = xi * 10.0 + (c - '0'); + } else { + xui = xi * 10.0 + (c - '0'); + } } else { xi = xi * 10 + (c - '0'); } @@ -219,7 +231,11 @@ Object *Lexer::getObj(Object *obj, int objNum) { if (neg) xi = -xi; if (unlikely(overflownInteger)) { - obj->initError(); + if (overflownUnsignedInteger) { + obj->initError(); + } else { + obj->initUint(xui); + } } else { obj->initInt(xi); } @@ -227,6 +243,8 @@ Object *Lexer::getObj(Object *obj, int objNum) { doReal: if (likely(!overflownInteger)) { xf = xi; + } else if (!overflownUnsignedInteger) { + xf = xui; } scale = 0.1; while (1) { diff --git a/poppler/Object.cc b/poppler/Object.cc index 49b2d44..9c05557 100644 --- a/poppler/Object.cc +++ b/poppler/Object.cc @@ -13,7 +13,7 @@ // All changes made under the Poppler project to this file are licensed // under GPL version 2 or later // -// Copyright (C) 2008 Albert Astals Cid <[email protected]> +// Copyright (C) 2008, 2010 Albert Astals Cid <[email protected]> // // To see a description of the changes please see the Changelog file that // came with your tarball or type make ChangeLog if you are building from git @@ -223,6 +223,9 @@ void Object::print(FILE *f) { case objNone: fprintf(f, "<none>"); break; + case objUint: + fprintf(f, "%u", uintg); + break; } } diff --git a/poppler/Object.h b/poppler/Object.h index eb3fc33..a71dca8 100644 --- a/poppler/Object.h +++ b/poppler/Object.h @@ -15,7 +15,7 @@ // // Copyright (C) 2007 Julien Rebetez <[email protected]> // Copyright (C) 2008 Kees Cook <[email protected]> -// Copyright (C) 2008 Albert Astals Cid <[email protected]> +// Copyright (C) 2008, 2010 Albert Astals Cid <[email protected]> // Copyright (C) 2009 Jakub Wilk <[email protected]> // // To see a description of the changes please see the Changelog file that @@ -96,10 +96,13 @@ enum ObjType { objCmd, // command name objError, // error return from Lexer objEOF, // end of file return from Lexer - objNone // uninitialized object + objNone, // uninitialized object + + // poppler-only objects + objUint // overflown integer }; -#define numObjTypes 14 // total number of object types +#define numObjTypes 15 // total number of object types //------------------------------------------------------------------------ // Object @@ -145,6 +148,8 @@ public: { initObj(objError); return this; } Object *initEOF() { initObj(objEOF); return this; } + Object *initUint(unsigned int uintgA) + { initObj(objUint); uintg = uintgA; return this; } // Copy an object. Object *copy(Object *obj); @@ -177,6 +182,7 @@ public: GBool isError() { return type == objError; } GBool isEOF() { return type == objEOF; } GBool isNone() { return type == objNone; } + GBool isUint() { return type == objUint; } // Special type checking. GBool isName(char *nameA) @@ -200,6 +206,7 @@ public: int getRefNum() { OBJECT_TYPE_CHECK(objRef); return ref.num; } int getRefGen() { OBJECT_TYPE_CHECK(objRef); return ref.gen; } char *getCmd() { OBJECT_TYPE_CHECK(objCmd); return cmd; } + unsigned int getUint() { OBJECT_TYPE_CHECK(objUint); return uintg; } // Array accessors. int arrayGetLength(); @@ -242,6 +249,7 @@ private: union { // value for each type: GBool booln; // boolean int intg; // integer + unsigned int uintg; // unsigned integer double real; // real GooString *string; // string char *name; // name diff --git a/poppler/SecurityHandler.cc b/poppler/SecurityHandler.cc index ea91e21..630c753 100644 --- a/poppler/SecurityHandler.cc +++ b/poppler/SecurityHandler.cc @@ -6,6 +6,20 @@ // //======================================================================== +//======================================================================== +// +// Modified under the Poppler project - http://poppler.freedesktop.org +// +// All changes made under the Poppler project to this file are licensed +// under GPL version 2 or later +// +// Copyright (C) 2010 Albert Astals Cid <[email protected]> +// +// To see a description of the changes please see the Changelog file that +// came with your tarball or type make ChangeLog if you are building from git +// +//======================================================================== + #include <config.h> #ifdef USE_GCC_PRAGMAS @@ -27,6 +41,8 @@ #endif #include "SecurityHandler.h" +#include <limits.h> + //------------------------------------------------------------------------ // SecurityHandler //------------------------------------------------------------------------ @@ -145,6 +161,12 @@ StandardSecurityHandler::StandardSecurityHandler(PDFDoc *docA, encryptDictA->dictLookup("O", &ownerKeyObj); encryptDictA->dictLookup("U", &userKeyObj); encryptDictA->dictLookup("P", &permObj); + if (permObj.isUint()) { + unsigned int permUint = permObj.getUint(); + int perms = permUint - UINT_MAX - 1; + permObj.free(); + permObj.initInt(perms); + } doc->getXRef()->getTrailerDict()->dictLookup("ID", &fileIDObj); if (versionObj.isInt() && revisionObj.isInt() && _______________________________________________ poppler mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/poppler
