svn commit: r1895828 - /pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java
Author: tilman Date: Sun Dec 12 05:28:49 2021 New Revision: 1895828 URL: http://svn.apache.org/viewvc?rev=1895828=rev Log: PDFBOX-5339: avoid IllegalArgumentException Modified: pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java Modified: pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java?rev=1895828=1895827=1895828=diff == --- pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java (original) +++ pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java Sun Dec 12 05:28:49 2021 @@ -321,10 +321,10 @@ public class Type1CharString { // end } -else if ("return".equals(name)) +else if ("return".equals(name) || "callsubr".equals(name)) { // indicates an invalid charstring -LOG.warn("Unexpected charstring command: " + command.getKey() + " in glyph " + +LOG.warn("Unexpected charstring command: " + name + " in glyph " + glyphName + " of font " + fontName); } else if (name != null)
svn commit: r1895827 - /pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java
Author: tilman Date: Sun Dec 12 05:28:41 2021 New Revision: 1895827 URL: http://svn.apache.org/viewvc?rev=1895827=rev Log: PDFBOX-5339: avoid IllegalArgumentException Modified: pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java Modified: pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java URL: http://svn.apache.org/viewvc/pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java?rev=1895827=1895826=1895827=diff == --- pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java (original) +++ pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/Type1CharString.java Sun Dec 12 05:28:41 2021 @@ -309,8 +309,9 @@ public class Type1CharString // end break; case RET: +case CALLSUBR: // indicates an invalid charstring -LOG.warn("Unexpected charstring command: RET in glyph " + glyphName + " of font " +LOG.warn("Unexpected charstring command: " + type1KeyWord + " in glyph " + glyphName + " of font " + fontName); break; default:
svn commit: r1895825 - /pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java
Author: tilman Date: Sun Dec 12 04:22:15 2021 New Revision: 1895825 URL: http://svn.apache.org/viewvc?rev=1895825=rev Log: PDFBOX-5339: avoid ClassCastException Modified: pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java Modified: pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java URL: http://svn.apache.org/viewvc/pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java?rev=1895825=1895824=1895825=diff == --- pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java (original) +++ pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java Sun Dec 12 04:22:15 2021 @@ -683,10 +683,10 @@ public class CFFParser privateDictionaries.add(privDict); // local subrs -int localSubrOffset = (Integer) privateDict.getNumber("Subrs", 0); -if (localSubrOffset > 0) +Number localSubrOffset = privateDict.getNumber("Subrs", 0); +if (localSubrOffset instanceof Integer && ((int) localSubrOffset) > 0) { -input.setPosition(privateOffset + localSubrOffset); +input.setPosition(privateOffset + (int) localSubrOffset); privDict.put("Subrs", readIndexData(input)); } } @@ -774,10 +774,10 @@ public class CFFParser privDict.forEach(font::addToPrivateDict); // local subrs -int localSubrOffset = (Integer) privateDict.getNumber("Subrs", 0); -if (localSubrOffset > 0) +Number localSubrOffset = privateDict.getNumber("Subrs", 0); +if (localSubrOffset instanceof Integer && ((int) localSubrOffset) > 0) { -input.setPosition(privateOffset + localSubrOffset); +input.setPosition(privateOffset + (int) localSubrOffset); font.addToPrivateDict("Subrs", readIndexData(input)); } }
svn commit: r1895824 - /pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java
Author: tilman Date: Sun Dec 12 04:22:11 2021 New Revision: 1895824 URL: http://svn.apache.org/viewvc?rev=1895824=rev Log: PDFBOX-5339: avoid ClassCastException Modified: pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java Modified: pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java?rev=1895824=1895823=1895824=diff == --- pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java (original) +++ pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java Sun Dec 12 04:22:11 2021 @@ -663,10 +663,10 @@ public class CFFParser privateDictionaries.add(privDict); // local subrs -int localSubrOffset = (Integer) privateDict.getNumber("Subrs", 0); -if (localSubrOffset > 0) +Number localSubrOffset = privateDict.getNumber("Subrs", 0); +if (localSubrOffset instanceof Integer && ((Integer) localSubrOffset) > 0) { -input.setPosition(privateOffset + localSubrOffset); +input.setPosition(privateOffset + (Integer) localSubrOffset); privDict.put("Subrs", readIndexData(input)); } } @@ -758,10 +758,10 @@ public class CFFParser } // local subrs -int localSubrOffset = (Integer) privateDict.getNumber("Subrs", 0); -if (localSubrOffset > 0) +Number localSubrOffset = privateDict.getNumber("Subrs", 0); +if (localSubrOffset instanceof Integer && ((Integer) localSubrOffset) > 0) { -input.setPosition(privateOffset + localSubrOffset); +input.setPosition(privateOffset + (Integer) localSubrOffset); font.addToPrivateDict("Subrs", readIndexData(input)); } }
svn propchange: r1895817 - svn:log
Author: lehmi Revision: 1895817 Modified property: svn:log Modified: svn:log at Sat Dec 11 19:35:31 2021 -- --- svn:log (original) +++ svn:log Sat Dec 11 19:35:31 2021 @@ -1 +1 @@ -PDFBOX_5341: exclude .github/workflows/codeql-analysis.yml from rat check +PDFBOX-5341: exclude .github/workflows/codeql-analysis.yml from rat check
svn commit: r1895817 - /pdfbox/trunk/parent/pom.xml
Author: lehmi Date: Sat Dec 11 19:34:46 2021 New Revision: 1895817 URL: http://svn.apache.org/viewvc?rev=1895817=rev Log: PDFBOX_5341: exclude .github/workflows/codeql-analysis.yml from rat check Modified: pdfbox/trunk/parent/pom.xml Modified: pdfbox/trunk/parent/pom.xml URL: http://svn.apache.org/viewvc/pdfbox/trunk/parent/pom.xml?rev=1895817=1895816=1895817=diff == --- pdfbox/trunk/parent/pom.xml (original) +++ pdfbox/trunk/parent/pom.xml Sat Dec 11 19:34:46 2021 @@ -373,6 +373,7 @@ release.properties + .github/workflows/codeql-analysis.yml
svn commit: r1895816 - /pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java
Author: tilman Date: Sat Dec 11 18:50:13 2021 New Revision: 1895816 URL: http://svn.apache.org/viewvc?rev=1895816=rev Log: PDFBOX-5339: AAIOBE now wrapped in IOException, copying twelvemonkeys commit by Harald Kuhr Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java?rev=1895816=1895815=1895816=diff == --- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java (original) +++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java Sat Dec 11 18:50:13 2021 @@ -130,6 +130,10 @@ final class CCITTFaxDecoderStream extend try { decodeRow(); } +catch (ArrayIndexOutOfBoundsException e) { +// Mask the AIOOBE as an IOException +throw new IOException("Malformed CCITT stream", e); +} catch (EOFException e) { // TODO: Rewrite to avoid throw/catch for normal flow... if (decodedLength != 0) {
svn commit: r1895815 - /pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java
Author: tilman Date: Sat Dec 11 18:49:49 2021 New Revision: 1895815 URL: http://svn.apache.org/viewvc?rev=1895815=rev Log: PDFBOX-5339: AAIOBE now wrapped in IOException, copying twelvemonkeys commit by Harald Kuhr Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java?rev=1895815=1895814=1895815=diff == --- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java (original) +++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/filter/CCITTFaxDecoderStream.java Sat Dec 11 18:49:49 2021 @@ -130,6 +130,10 @@ final class CCITTFaxDecoderStream extend try { decodeRow(); } +catch (ArrayIndexOutOfBoundsException e) { +// Mask the AIOOBE as an IOException +throw new IOException("Malformed CCITT stream", e); +} catch (EOFException e) { // TODO: Rewrite to avoid throw/catch for normal flow... if (decodedLength != 0) {
svn commit: r1895814 - /pdfbox/trunk/.github/workflows/codeql-analysis.yml
Author: msahyoun Date: Sat Dec 11 17:37:03 2021 New Revision: 1895814 URL: http://svn.apache.org/viewvc?rev=1895814=rev Log: PDFBOX-5341: fix empty file Modified: pdfbox/trunk/.github/workflows/codeql-analysis.yml Modified: pdfbox/trunk/.github/workflows/codeql-analysis.yml URL: http://svn.apache.org/viewvc/pdfbox/trunk/.github/workflows/codeql-analysis.yml?rev=1895814=1895813=1895814=diff == --- pdfbox/trunk/.github/workflows/codeql-analysis.yml (original) +++ pdfbox/trunk/.github/workflows/codeql-analysis.yml Sat Dec 11 17:37:03 2021 @@ -0,0 +1,86 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. + +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. + +name: "CodeQL" +on: + workflow_dispatch: + push: +branches: [trunk] +# The branches below must be a subset of the branches above + pull_request: +branches: [trunk] + +jobs: + analyze: +name: Analyze +runs-on: ubuntu-latest + +strategy: + fail-fast: false + matrix: +# Override automatic language detection by changing the below list +# Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] +language: ['java'] +# Learn more... +# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection + +steps: +- name: Checkout repository + uses: actions/checkout@v2 + with: +# We must fetch at least the immediate parents so that if this is +# a pull request then we can checkout the head. +fetch-depth: 2 + +- name: Cache local Maven repository + uses: actions/cache@v2 + with: +path: ~/.m2/repository +key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} +restore-keys: ${{ runner.os }}-maven- + +# Initializes the CodeQL tools for scanning. +- name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: +languages: ${{ matrix.language }} +# If you wish to specify custom queries, you can do so here or in a config file. +# By default, queries listed here will override any specified in a config file. +# Prefix the list here with "+" to use these queries and those in the config file. +# queries: ./path/to/local/query, your-org/your-repo/queries@main +queries: +security-and-quality + +# Autobuild attempts to build any compiled languages (C/C++, C#, or Java). +# If this step fails, then you should remove it and run the build manually (see below) +# - name: Autobuild +# uses: github/codeql-action/autobuild@v1 + +# â¹ï¸ Command-line programs to run using the OS shell. +# ð https://git.io/JvXDl + +# âï¸ If the Autobuild fails above, remove it and uncomment the following three lines +#and modify them (or add more) to build your code if your project +#uses a compiled language + +- run: | +mvn process-classes compile -DskipTests + +- name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1
svn commit: r1895813 - in /pdfbox/trunk/.github: ./ workflows/ workflows/codeql-analysis.yml
Author: msahyoun Date: Sat Dec 11 14:48:26 2021 New Revision: 1895813 URL: http://svn.apache.org/viewvc?rev=1895813=rev Log: PDFBOX-5341: Enable GitHub CodeQL Scans for PDFBox Codebase Added: pdfbox/trunk/.github/ pdfbox/trunk/.github/workflows/ pdfbox/trunk/.github/workflows/codeql-analysis.yml Added: pdfbox/trunk/.github/workflows/codeql-analysis.yml URL: http://svn.apache.org/viewvc/pdfbox/trunk/.github/workflows/codeql-analysis.yml?rev=1895813=auto == (empty)
svn commit: r1895811 - /pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java
Author: tilman Date: Sat Dec 11 13:31:08 2021 New Revision: 1895811 URL: http://svn.apache.org/viewvc?rev=1895811=rev Log: PDFBOX-5339: avoid IndexOutOfBoundsException Modified: pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java Modified: pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java?rev=1895811=1895810=1895811=diff == --- pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java (original) +++ pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java Sat Dec 11 13:31:08 2021 @@ -442,6 +442,10 @@ public class CFFParser { CFFCIDFont cffCIDFont = new CFFCIDFont(); DictData.Entry rosEntry = topDict.getEntry("ROS"); +if (rosEntry == null || rosEntry.size() < 3) +{ +throw new IOException("ROS entry must have 3 elements"); +} cffCIDFont.setRegistry(readString(rosEntry.getNumber(0).intValue())); cffCIDFont.setOrdering(readString(rosEntry.getNumber(1).intValue())); cffCIDFont.setSupplement(rosEntry.getNumber(2).intValue()); @@ -481,6 +485,10 @@ public class CFFParser // charstrings index DictData.Entry charStringsEntry = topDict.getEntry("CharStrings"); +if (charStringsEntry == null || !charStringsEntry.hasOperands()) +{ +throw new IOException("CharStrings is missing or empty"); +} int charStringsOffset = charStringsEntry.getNumber(0).intValue(); input.setPosition(charStringsOffset); byte[][] charStringsIndex = readIndexData(input); @@ -488,7 +496,7 @@ public class CFFParser // charset DictData.Entry charsetEntry = topDict.getEntry("charset"); CFFCharset charset; -if (charsetEntry != null) +if (charsetEntry != null && charsetEntry.hasOperands()) { int charsetId = charsetEntry.getNumber(0).intValue(); if (!isCIDFont && charsetId == 0) @@ -607,7 +615,7 @@ public class CFFParser // In a CIDKeyed Font, the Private dictionary isn't in the Top Dict but in the Font dict // which can be accessed by a lookup using FDArray and FDSelect DictData.Entry fdArrayEntry = topDict.getEntry("FDArray"); -if (fdArrayEntry == null) +if (fdArrayEntry == null || !fdArrayEntry.hasOperands()) { throw new IOException("FDArray is missing for a CIDKeyed Font."); } @@ -631,7 +639,7 @@ public class CFFParser // read private dict DictData.Entry privateEntry = fontDict.getEntry("Private"); -if (privateEntry == null) +if (privateEntry == null || privateEntry.size() < 2) { throw new IOException("Font DICT invalid without \"Private\" entry"); } @@ -665,6 +673,10 @@ public class CFFParser // font-dict (FD) select DictData.Entry fdSelectEntry = topDict.getEntry("FDSelect"); +if (fdSelectEntry == null || !fdSelectEntry.hasOperands()) +{ +throw new IOException("FDSelect is missing or empty"); +} int fdSelectPos = fdSelectEntry.getNumber(0).intValue(); input.setPosition(fdSelectPos); FDSelect fdSelect = readFDSelect(input, nrOfcharStrings, font); @@ -710,7 +722,8 @@ public class CFFParser // encoding DictData.Entry encodingEntry = topDict.getEntry("Encoding"); CFFEncoding encoding; -int encodingId = encodingEntry != null ? encodingEntry.getNumber(0).intValue() : 0; +int encodingId = encodingEntry != null && encodingEntry.hasOperands() ? +encodingEntry.getNumber(0).intValue() : 0; switch (encodingId) { case 0: @@ -728,7 +741,7 @@ public class CFFParser // read private dict DictData.Entry privateEntry = topDict.getEntry("Private"); -if (privateEntry == null) +if (privateEntry == null || privateEntry.size() < 2) { throw new IOException("Private dictionary entry missing for font " + font.fontName); } @@ -773,7 +786,7 @@ public class CFFParser private String getString(DictData dict, String name) { DictData.Entry entry = dict.getEntry(name); -return entry != null ? readString(entry.getNumber(0).intValue()) : null; +return entry != null && entry.hasOperands() ? readString(entry.getNumber(0).intValue()) : null; } private CFFEncoding readEncoding(CFFDataInput dataInput, CFFCharset charset) throws IOException @@ -1229,6 +1242,11 @@ public class CFFParser return operands.get(index); } +
svn commit: r1895812 - /pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java
Author: tilman Date: Sat Dec 11 13:31:12 2021 New Revision: 1895812 URL: http://svn.apache.org/viewvc?rev=1895812=rev Log: PDFBOX-5339: avoid IndexOutOfBoundsException Modified: pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java Modified: pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java URL: http://svn.apache.org/viewvc/pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java?rev=1895812=1895811=1895812=diff == --- pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java (original) +++ pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFParser.java Sat Dec 11 13:31:12 2021 @@ -444,6 +444,10 @@ public class CFFParser { CFFCIDFont cffCIDFont = new CFFCIDFont(); DictData.Entry rosEntry = topDict.getEntry("ROS"); +if (rosEntry == null || rosEntry.size() < 3) +{ +throw new IOException("ROS entry must have 3 elements"); +} cffCIDFont.setRegistry(readString(rosEntry.getNumber(0).intValue())); cffCIDFont.setOrdering(readString(rosEntry.getNumber(1).intValue())); cffCIDFont.setSupplement(rosEntry.getNumber(2).intValue()); @@ -483,6 +487,10 @@ public class CFFParser // charstrings index DictData.Entry charStringsEntry = topDict.getEntry("CharStrings"); +if (charStringsEntry == null || !charStringsEntry.hasOperands()) +{ +throw new IOException("CharStrings is missing or empty"); +} int charStringsOffset = charStringsEntry.getNumber(0).intValue(); input.setPosition(charStringsOffset); byte[][] charStringsIndex = readIndexData(input); @@ -490,7 +498,7 @@ public class CFFParser // charset DictData.Entry charsetEntry = topDict.getEntry("charset"); CFFCharset charset; -if (charsetEntry != null) +if (charsetEntry != null && charsetEntry.hasOperands()) { int charsetId = charsetEntry.getNumber(0).intValue(); if (!isCIDFont && charsetId == 0) @@ -515,8 +523,7 @@ public class CFFParser { LOG.debug("Couldn't read CharStrings index - returning empty charset instead"); charset = new EmptyCharset(0); -} - +} } else { @@ -629,7 +636,7 @@ public class CFFParser // In a CIDKeyed Font, the Private dictionary isn't in the Top Dict but in the Font dict // which can be accessed by a lookup using FDArray and FDSelect DictData.Entry fdArrayEntry = topDict.getEntry("FDArray"); -if (fdArrayEntry == null) +if (fdArrayEntry == null || !fdArrayEntry.hasOperands()) { throw new IOException("FDArray is missing for a CIDKeyed Font."); } @@ -653,7 +660,7 @@ public class CFFParser // read private dict DictData.Entry privateEntry = fontDict.getEntry("Private"); -if (privateEntry == null) +if (privateEntry == null || privateEntry.size() < 2) { throw new IOException("Font DICT invalid without \"Private\" entry"); } @@ -686,6 +693,10 @@ public class CFFParser // font-dict (FD) select DictData.Entry fdSelectEntry = topDict.getEntry("FDSelect"); +if (fdSelectEntry == null || !fdSelectEntry.hasOperands()) +{ +throw new IOException("FDSelect is missing or empty"); +} int fdSelectPos = fdSelectEntry.getNumber(0).intValue(); input.setPosition(fdSelectPos); FDSelect fdSelect = readFDSelect(input, nrOfcharStrings); @@ -731,7 +742,8 @@ public class CFFParser // encoding DictData.Entry encodingEntry = topDict.getEntry("Encoding"); CFFEncoding encoding; -int encodingId = encodingEntry != null ? encodingEntry.getNumber(0).intValue() : 0; +int encodingId = encodingEntry != null && encodingEntry.hasOperands() ? +encodingEntry.getNumber(0).intValue() : 0; switch (encodingId) { case 0: @@ -749,7 +761,7 @@ public class CFFParser // read private dict DictData.Entry privateEntry = topDict.getEntry("Private"); -if (privateEntry == null) +if (privateEntry == null || privateEntry.size() < 2) { throw new IOException("Private dictionary entry missing for font " + font.getName()); } @@ -790,7 +802,7 @@ public class CFFParser private String getString(DictData dict, String name) { DictData.Entry entry = dict.getEntry(name); -return entry != null ? readString(entry.getNumber(0).intValue()) : null; +return entry != null && entry.hasOperands() ?