-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Thu, Apr 02, 2020 at 09:20:40PM -0400, Demi M. Obenour wrote: > On 2020-04-02 21:12, Jason Phan wrote: > > On Apr 03, Marek Marczykowski-Górecki wrote: > >> The idea is to verify if they are non-malicious, not necessary "correct". > >> So, as soon you verify they conform to the expected format, you can drop > >> "untrusted_" prefix. > > > > Ah, gotcha. > >> Also, be careful about things like server sending too much or too little > >> data. > > > > Oof, my brain is blanking. Could you give some examples of what could > > happen if a server sent too much/little?
For too much - at least running out of memory on the client side. For too little, depending on a place, most likely you'll get an exception, but I wouldn't be surprised to see also some corner cases like silently dropping half of the page. > > Thanks btw for all the help! > > > > Jason Phan > > > > Also, don’t forget about other use-cases, like printing or OCR. > A converted PDF should print just as well as the original. > > Marek: is OCR on a converted PDF safe? Being able to reconstruct the > text is very much useful. That's a tricky question. qpdf-convert-server have significant control over input for such OCR (within realm of valid image data). So, given complexity of OCR software, I think nothing can be completely ruled out. But also, I think (because of guaranteed proper input format) some catastrophic failure is unlikely. In fact, I consider another method for preserving text data. Enhanced "simpler representation", which besides pure image, contains also text annotations. Thing like series of (coordinates, text) pairs. This needs careful design, to be reasonably safe (for example defining what "text" could contain, to not risk re-interpreting it as something else in the PDF, or some intermediate tool). > Also, could this be integrated into CUPS? I don't see why not. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl6GlX4ACgkQ24/THMrX 1yzTRAf/ZpR89/rXY60DlaDlkKFfpS0/id4InapJC4XMveVxwVcQF8dtyyprzPJ0 0i+jn8NLntBnYVYwYb9K4zyfbEEo36uuDN0emE6/XcdkhjbQ6zldPMTwVIWxphEH e1VwA0+OvoFEqT1xAQoR+KXbbuQ2F/U1uy9IUaI7TjNxxdhR91WG7r/mA183ZR/P xkGgXo+oTFDTEeSvMVVDqR3u0fGUbr17cY3ltypcBDrTP9XGvfLKmQT4wEzPKtWg E93YrsSmSH8OvvYRHAo/wEgZoBlaoA6T+kwMw8FN5CYR9zEfwI3wi8jP04KBGP5U JKFlhRg9w5t/B9Md0Vl6VUjf77/E7w== =0qdK -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20200403014637.GS18599%40mail-itl.