You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pdfbox.apache.org by le...@apache.org on 2021/04/13 06:21:07 UTC

svn commit: r1888707 - /pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java

Author: lehmi
Date: Tue Apr 13 06:21:07 2021
New Revision: 1888707

URL: http://svn.apache.org/viewvc?rev=1888707&view=rev
Log:
PDFBOX-5163: stop reading corrupted dictionaries to avoid a stack overflow exception

Modified:
    pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java

Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java?rev=1888707&r1=1888706&r2=1888707&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java Tue Apr 13 06:21:07 2021
@@ -213,7 +213,12 @@ public abstract class BaseParser
             }
             else if (c == '/')
             {
-                parseCOSDictionaryNameValuePair(obj);
+                // something went wrong, most likely the dictionary is corrupted
+                // stop immediately and return everything read so far
+                if (!parseCOSDictionaryNameValuePair(obj))
+                {
+                    return obj;
+                }
             }
             else
             {
@@ -279,7 +284,7 @@ public abstract class BaseParser
         return false;
     }
 
-    private void parseCOSDictionaryNameValuePair(COSDictionary obj) throws IOException
+    private boolean parseCOSDictionaryNameValuePair(COSDictionary obj) throws IOException
     {
         COSName key = parseCOSName();
         COSBase value = parseCOSDictionaryValue();
@@ -302,6 +307,7 @@ public abstract class BaseParser
         if (value == null)
         {
             LOG.warn("Bad dictionary declaration at offset " + source.getPosition());
+            return false;
         }
         else
         {
@@ -309,6 +315,7 @@ public abstract class BaseParser
             value.setDirect(true);
             obj.setItem(key, value);
         }
+        return true;
     }
 
     protected void skipWhiteSpaces() throws IOException