Hello dear podofo users,
today i stumbled upon a parsing bug in PdfTokenizer::ReadDictionary. With
SVN revision 1794, a check was added to prevent a signature content stream
from being decrypted by comparing the dictionary type to "Sig". But this
requires the type to be known/parsed beforehand, otherwise the dictionary
doesn't contain the type (yet). Consequently, if you have a pdf file where
the '/Type/Sig' is declared after the signature content, the check does not
work and the signature content gets decrypted, which in my case ultimately
prevented the pdf file from being loaded successfully. When I prevented the
decryption during debugging, the pdf file was loaded successfully.
I consulted the pdf reference for this issue, but couldn't find any
indication that the dictionary type has to be specified before the
signature content occurs, my test pdf should be perfectly valid. So podofo
needs to be fixed. I tried to analyze the code and a possible solution /
workaround, but I'm not feeling confident & competent enough to come up
with a good, working patch.
Regards,
F.E.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
