You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by le...@apache.org on 2021/04/25 10:35:27 UTC
svn commit: r1889167 -
/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFObjectStreamParser.java
Author: lehmi
Date: Sun Apr 25 10:35:27 2021
New Revision: 1889167
URL: http://svn.apache.org/viewvc?rev=1889167&view=rev
Log:
PDFBOX-5177: don't use number of objects to initialize map of object numbers/offsets, don't read beyond the part of the stream reserved for object numbers
Modified:
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFObjectStreamParser.java
Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFObjectStreamParser.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFObjectStreamParser.java?rev=1889167&r1=1889166&r2=1889167&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFObjectStreamParser.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFObjectStreamParser.java Sun Apr 25 10:35:27 2021
@@ -106,9 +106,16 @@ public class PDFObjectStreamParser exten
private Map<Long, Integer> privateReadObjectNumbers() throws IOException
{
- Map<Long, Integer> objectNumbers = new HashMap<>(numberOfObjects);
+ // don't initialize map using numberOfObjects as there might by less object numbers than expected
+ Map<Long, Integer> objectNumbers = new HashMap<>();
+ long firstObjectPosition = source.getPosition() + firstObject - 1;
for (int i = 0; i < numberOfObjects; i++)
{
+ // don't read beyond the part of the stream reserved for the object numbers
+ if (source.getPosition() >= firstObjectPosition)
+ {
+ break;
+ }
long objectNumber = readObjectNumber();
int offset = (int) readLong();
objectNumbers.put(objectNumber, offset);