[Podofo-users] PDF CVE Security Research

Hi This will be of interest to anyone testing PoDoFo or reviewing submitted patches. It’s an analysis of 122 PDF CVEs found across a number of PDF products presented at the Blackhat Security conference in March 2017. Products with most CVEs found: 88 - Acrobat 88 15 - Foxit 15 8 – Adobe

[Podofo-users] PdfParser unit tests

Hi Here are the unit tests for PoDoFo::PdfParser I’ve been working on. I’ve just included the .cpp and .h files rather than a patch since they’re new files. I’ve not included a patch for CMakeLists.txt – but I think all that’s needed is adding ParserTests.cpp to the CMakeLists.txt file for

Re: [Podofo-users] PDF CVE Security Research

Hello Mark, hello all, > On 19 April 2018 at 08:45 Mark Rogers wrote: > Hi > This will be of interest to anyone testing PoDoFo or reviewing submitted > patches. It’s an analysis of 122 PDF CVEs found across a number of PDF > products presented at the Blackhat

[Podofo-users] PoDoFo PdfString::Write buffer overflow

Hi This code from PdfString::Write has a buffer overflow – it checks buffer.GetSize() > 0 then sets nInputBufferLen=GetSize()-2 which is passed to new[nInputBufferLen] and memcpy if( pEncrypt && m_buffer.GetSize() && IsValid() ) { pdf_long nInputBufferLen = m_buffer.GetSize() - 2; // Cut off