Please check if this was fixed
https://issues.apache.org/jira/browse/PDFBOX-5158
Possible explanation: the latest 3.0 version is 3.0.0-alpha3, not RC1.
Tilman
On 08.12.2022 19:20, Daniel Skiles wrote:
All,
I have what might be a bug in the 3.0.x series of PDFBox. It appears
that certain input can cause RandomAccessReadBuffer's constructor to
enter an infinite loop. I have attached a file that produces the
behavior. When I examined the contents, the first thing that stood out
is that it has no EOF indicator, but I've seen other broken files
where that's the case, and they terminate properly. I've found a few
files like this, and it seems like they're all exactly multiples of
DEFAULT_CHUNK_SIZE_4KB in length.
If you use RandomAccessReadMemoryMappedFile, you don't see the same
behavior. Instead, it reads the file and throws a "Missing root
object specification in trailer" error in PDFParser. The sample code
to reproduce looks more or less like this:
try(final InputStream is = Files.newInputStream(Paths.get("<path to
attached>"))) {
final PDDocument d = Loader.loadPDF(is);
}
Is this a bug? If so, what is the process for reporting it?
Given the infinite loop aspect of this, could it represent a security
issue due to denial of service?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: users-h...@pdfbox.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: users-h...@pdfbox.apache.org
