You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by le...@apache.org on 2019/05/19 13:54:28 UTC

svn commit: r1859502 - in /pdfbox/branches/2.0/fontbox/src: main/java/org/apache/fontbox/cmap/CMapParser.java test/java/org/apache/fontbox/cmap/TestCMapParser.java test/resources/cmap/CMapMalformedbfrange1 test/resources/cmap/CMapMalformedbfrange2

Author: lehmi
Date: Sun May 19 13:54:28 2019
New Revision: 1859502

URL: http://svn.apache.org/viewvc?rev=1859502&view=rev
Log:
PDFBOX-4550: add missing check for the start and end values of a bfrange

Added:
    pdfbox/branches/2.0/fontbox/src/test/resources/cmap/CMapMalformedbfrange1
      - copied unchanged from r1859501, pdfbox/trunk/fontbox/src/test/resources/cmap/CMapMalformedbfrange1
    pdfbox/branches/2.0/fontbox/src/test/resources/cmap/CMapMalformedbfrange2
      - copied unchanged from r1859501, pdfbox/trunk/fontbox/src/test/resources/cmap/CMapMalformedbfrange2
Modified:
    pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cmap/CMapParser.java
    pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/cmap/TestCMapParser.java

Modified: pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cmap/CMapParser.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cmap/CMapParser.java?rev=1859502&r1=1859501&r2=1859502&view=diff
==============================================================================
--- pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cmap/CMapParser.java (original)
+++ pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/cmap/CMapParser.java Sun May 19 13:54:28 2019
@@ -362,10 +362,10 @@ public class CMapParser
             }
             byte[] startCode = (byte[]) nextToken;
             byte[] endCode = (byte[]) parseNextToken(cmapStream);
-            if (startCode.length != endCode.length)
+            if (!checkBoundaries(startCode, endCode))
             {
                 // PDFBOX-4550: likely corrupt stream
-                continue;
+                break;
             }
             nextToken = parseNextToken(cmapStream);
             List<byte[]> array = null;
@@ -418,6 +418,15 @@ public class CMapParser
         }
     }
 
+    private boolean checkBoundaries(byte[] startCode, byte[] endCode)
+    {
+        int start = CMap.toInt(startCode, startCode.length);
+        int end = CMap.toInt(endCode, endCode.length);
+        // end has to be bigger than start or equal
+        // the range can not represent more that 255 values
+        return end >= start && (end - start) < 256;
+    }
+
     /**
      * Returns an input stream containing the given "use" CMap.
      *
@@ -714,7 +723,7 @@ public class CMapParser
         return intValue;
     }
 
-    private String createStringFromBytes(byte[] bytes) throws IOException
+    private String createStringFromBytes(byte[] bytes)
     {
         return new String(bytes, bytes.length == 1 ? Charsets.ISO_8859_1 : Charsets.UTF_16BE);
     }

Modified: pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/cmap/TestCMapParser.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/cmap/TestCMapParser.java?rev=1859502&r1=1859501&r2=1859502&view=diff
==============================================================================
--- pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/cmap/TestCMapParser.java (original)
+++ pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/cmap/TestCMapParser.java Sun May 19 13:54:28 2019
@@ -110,4 +110,37 @@ public class TestCMapParser extends Test
 
         assertNotNull("Failed to parse nasty CMap file", cMap);
     }
+
+    public void testParserWithMalformedbfrange1() throws IOException
+    {
+        CMap cMap = new CMapParser()
+                .parse(new File("src/test/resources/cmap", "CMapMalformedbfrange1"));
+
+        assertNotNull("Failed to parse malformed CMap file", cMap);
+
+        byte[] bytes1 = { 0, 1 };
+        assertEquals("bytes 00 01 from bfrange <0001> <0009> <0041>", "A",
+                cMap.toUnicode(toInt(bytes1, bytes1.length)));
+
+        byte[] bytes2 = { 1, 00 };
+        assertNull(cMap.toUnicode(toInt(bytes2, bytes2.length)));
+
+    }
+
+    public void testParserWithMalformedbfrange2() throws IOException
+    {
+        CMap cMap = new CMapParser()
+                .parse(new File("src/test/resources/cmap", "CMapMalformedbfrange2"));
+
+        assertNotNull("Failed to parse malformed CMap file", cMap);
+
+        byte[] bytes1 = { 0, 1 };
+        assertEquals("bytes 00 01 from bfrange <0001> <0009> <0041>", "A",
+                cMap.toUnicode(toInt(bytes1, bytes1.length)));
+
+        byte[] bytes2 = { 2, 00 };
+        assertNull(cMap.toUnicode(toInt(bytes2, bytes2.length)));
+
+    }
+
 }