You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2016/01/12 22:36:16 UTC
svn commit: r1724328 -
/pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java
Author: tilman
Date: Tue Jan 12 21:36:16 2016
New Revision: 1724328
URL: http://svn.apache.org/viewvc?rev=1724328&view=rev
Log:
PDFBOX-3189: don't read overlong numbers to avoid pushback exception
Modified:
pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java
Modified: pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java?rev=1724328&r1=1724327&r2=1724328&view=diff
==============================================================================
--- pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java (original)
+++ pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java Tue Jan 12 21:36:16 2016
@@ -57,6 +57,8 @@ public abstract class BaseParser
private static final long GENERATION_NUMBER_THRESHOLD = 65535;
+ static final int MAX_LENGTH_LONG = Long.toString(Long.MAX_VALUE).length();
+
/**
* system property allowing to define size of push back buffer.
*/
@@ -1719,6 +1721,11 @@ public abstract class BaseParser
lastByte != -1 )
{
buffer.append( (char)lastByte );
+ if (buffer.length() > MAX_LENGTH_LONG)
+ {
+ throw new IOException("Number '" + buffer +
+ "' is getting too long, stop reading at offset " + pdfSource.getOffset());
+ }
}
if( lastByte != -1 )
{