You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by le...@apache.org on 2021/05/15 14:41:22 UTC
svn commit: r1889915 - in /pdfbox/branches/2.0/pdfbox/src:
main/java/org/apache/pdfbox/cos/ main/java/org/apache/pdfbox/pdfparser/
test/java/org/apache/pdfbox/cos/
Author: lehmi
Date: Sat May 15 14:41:22 2021
New Revision: 1889915
URL: http://svn.apache.org/viewvc?rev=1889915&view=rev
Log:
PDFBOX-5176: skip values which are valid numbers but out of range
Modified:
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java
pdfbox/branches/2.0/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java?rev=1889915&r1=1889914&r2=1889915&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java Sat May 15 14:41:22 2021
@@ -68,6 +68,16 @@ public final class COSInteger extends CO
public static final COSInteger THREE = get(3);
/**
+ * Constant for an out of range value which is bigger than Log.MAX_VALUE.
+ */
+ protected static final COSInteger OUT_OF_RANGE_MAX = getInvalid(true);
+
+ /**
+ * Constant for an out of range value which is smaller than Log.MIN_VALUE.
+ */
+ protected static final COSInteger OUT_OF_RANGE_MIN = getInvalid(false);
+
+ /**
* Returns a COSInteger instance with the given value.
*
* @param val integer value
@@ -81,23 +91,31 @@ public final class COSInteger extends CO
// no synchronization needed
if (STATIC[index] == null)
{
- STATIC[index] = new COSInteger(val);
+ STATIC[index] = new COSInteger(val, true);
}
return STATIC[index];
}
- return new COSInteger(val);
+ return new COSInteger(val, true);
+ }
+
+ private static COSInteger getInvalid(boolean maxValue)
+ {
+ return maxValue ? new COSInteger(Long.MAX_VALUE, false)
+ : new COSInteger(Long.MIN_VALUE, false);
}
private final long value;
+ private final boolean isValid;
/**
* constructor.
*
* @param val The integer value of this object.
*/
- private COSInteger( long val )
+ private COSInteger(long val, boolean valid)
{
value = val;
+ isValid = valid;
}
/**
@@ -177,6 +195,16 @@ public final class COSInteger extends CO
}
/**
+ * Indicates whether this instance represents a valid value.
+ *
+ * @return true if the value is valid
+ */
+ public boolean isValid()
+ {
+ return isValid;
+ }
+
+ /**
* visitor pattern double dispatch method.
*
* @param visitor The object to notify when visiting this object.
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java?rev=1889915&r1=1889914&r2=1889915&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java Sat May 15 14:41:22 2021
@@ -118,7 +118,9 @@ public abstract class COSNumber extends
{
throw new IOException("Not a number: " + number);
}
- return null;
+ // return a limited COSInteger value which is marked as invalid
+ return number.startsWith("-") ? COSInteger.OUT_OF_RANGE_MIN
+ : COSInteger.OUT_OF_RANGE_MAX;
}
}
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java?rev=1889915&r1=1889914&r2=1889915&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java Sat May 15 14:41:22 2021
@@ -292,6 +292,10 @@ public abstract class BaseParser
LOG.warn("Bad dictionary declaration at offset " + seqSource.getPosition());
return false;
}
+ else if (value instanceof COSInteger && !((COSInteger)value).isValid())
+ {
+ LOG.warn("Skipped out of range number value at offset " + seqSource.getPosition());
+ }
else
{
// label this item as direct, to avoid signature problems.
Modified: pdfbox/branches/2.0/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java?rev=1889915&r1=1889914&r2=1889915&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java Sat May 15 14:41:22 2021
@@ -89,14 +89,33 @@ public abstract class TestCOSNumber exte
}
/**
- * PDFBOX-4895: large number, too big for a long leads to a null value.
+ * PDFBOX-5176: large number, too big for a long leads to an COSInteger value which is marked as invalid.
*
* @throws IOException
*/
public void testLargeNumber() throws IOException
{
- assertNull(COSNumber.get("18446744073307448448"));
- assertNull(COSNumber.get("-18446744073307448448"));
+ // max value
+ COSNumber cosNumber = COSNumber.get(Long.toString(Long.MAX_VALUE));
+ assertTrue(cosNumber instanceof COSInteger);
+ COSInteger cosInteger = (COSInteger) cosNumber;
+ assertTrue(cosInteger.isValid());
+ // min value
+ cosNumber = COSNumber.get(Long.toString(Long.MIN_VALUE));
+ assertTrue(cosNumber instanceof COSInteger);
+ cosInteger = (COSInteger) cosNumber;
+ assertTrue(cosInteger.isValid());
+
+ // out of range, max value
+ cosNumber = COSNumber.get("18446744073307448448");
+ assertTrue(cosNumber instanceof COSInteger);
+ cosInteger = (COSInteger) cosNumber;
+ assertFalse(cosInteger.isValid());
+ // out of range, min value
+ cosNumber = COSNumber.get("-18446744073307448448");
+ assertTrue(cosNumber instanceof COSInteger);
+ cosInteger = (COSInteger) cosNumber;
+ assertFalse(cosInteger.isValid());
}
public void testInvalidNumber()