You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@pdfbox.apache.org by Michal Stefan <mi...@gmail.com> on 2024/01/17 15:28:05 UTC

potential issue in fontbox component CmapSubtable

Hello,

we are using pdfbox version 2.0.28 (awesome library, thanks for that!) and
recently we observed an issue (attached txt). Unfortunately I do not have
the pdf (as this issue happens before the document was saved, so we do not
have the document). However looking at the CmapSubtable.java even in the
latest code (as well as 2.0.28 version), it seems like the condition is not
safe:

   private int getCharCode(int gid)
    {
        if (gid < 0 || glyphIdToCharacterCode == null || gid >=
glyphIdToCharacterCode.length)
        {
            return -1;
        }
        return glyphIdToCharacterCode[gid];
    }

Exception and the code as well suggests that even if the
glyphIdToCharacterCode is null, it's still possible that
glyphIdToCharacerCode.length gets evaluated. What do you think please?

Best Regards,

Michal Stefan

Re: potential issue in fontbox component CmapSubtable

Posted by Tilman Hausherr <TH...@t-online.de>.

Hi,

I hope I'm not wrong on this, but if the second element is true 
(glyphIdToCharacterCode == null) then the third one wouldn't be 
evaluated, because there's no need. (short circuit evaluation)

Look at https://issues.apache.org/jira/browse/PDFBOX-5465 , the stack 
trace looks just like yours.

Could it be you're not really using 2.0.28 but 2.0.26 or earlier?

Tilman

On 17.01.2024 16:28, Michal Stefan wrote:
> Hello,
>
> we are using pdfbox version 2.0.28 (awesome library, thanks for that!) 
> and recently we observed an issue (attached txt). Unfortunately I do 
> not have the pdf (as this issue happens before the document was saved, 
> so we do not have the document). However looking at the 
> CmapSubtable.java even in the latest code (as well as 2.0.28 version), 
> it seems like the condition is not safe:
>
>     private int getCharCode(int gid)
>      {
>          if (gid < 0 || glyphIdToCharacterCode == null || gid >= glyphIdToCharacterCode.length)
>          {
>              return -1;
>          }
>          return glyphIdToCharacterCode[gid];
>      }
> Exception and the code as well suggests that even if the 
> glyphIdToCharacterCode is null, it's still possible that 
> glyphIdToCharacerCode.length gets evaluated. What do you think please?
> Best Regards,
> Michal Stefan
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:users-unsubscribe@pdfbox.apache.org
> For additional commands, e-mail:users-help@pdfbox.apache.org