Re: [Podofo-users] Buffer overrun at PdfTokenizer::ReadString

2013-09-29 Thread zyx
Dne 28.7.2013 19:54, Dominik Seichter napsal(a): > Thanks for your patch. I committed it to SVN. At least we do not crash > now anymore. Hi, I did some testing and the problem is that PdfEncryptAESV3::Decrypt uses m_encryptionKey which contains all zeros, but calling if (ok)

Re: [Podofo-users] Buffer overrun at PdfTokenizer::ReadString

2013-07-28 Thread Dominik Seichter
Hi, Thanks for your patch. I committed it to SVN. At least we do not crash now anymore. Thanks, Dominik On Sun, Jul 28, 2013 at 3:34 PM, zyx wrote: > Dne 16.7.2013 21:40, Dominik Seichter napsal(a): > > Thanks for pointing this out. Are you able to provide a patch for this? >> Is it enough t

Re: [Podofo-users] Buffer overrun at PdfTokenizer::ReadString

2013-07-28 Thread zyx
Dne 16.7.2013 21:40, Dominik Seichter napsal(a): Thanks for pointing this out. Are you able to provide a patch for this? Is it enough to insert something like: outLen = PDF_MAX(outLen, 16) ? Hi, the attached patch makes it survive (PDF referenec says how to pad and enlarge the buffer), but

Re: [Podofo-users] Buffer overrun at PdfTokenizer::ReadString

2013-07-16 Thread Dominik Seichter
Hi, Thanks for pointing this out. Are you able to provide a patch for this? Is it enough to insert something like: outLen = PDF_MAX(outLen, 16) ? Regards, Dom On Fri, Jul 12, 2013 at 3:07 AM, Vladislav Folts wrote: > Please see these lines at PdfTokenizer::ReadString: > pdf_long ou

[Podofo-users] Buffer overrun at PdfTokenizer::ReadString

2013-07-15 Thread Vladislav Folts
Please see these lines at PdfTokenizer::ReadString: pdf_long outLen = m_vecBuffer.size() - pEncrypt->CalculateStreamOffset(); char * outBuffer = new char[outLen]; pEncrypt->Decrypt( reinterpret_cast(&(m_vecBuffer[0])), static_cast(m_