You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pdfbox.apache.org by ti...@apache.org on 2020/11/05 19:40:23 UTC

svn commit: r1883148 - /pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageTree.java

Author: tilman
Date: Thu Nov  5 19:40:21 2020
New Revision: 1883148

URL: http://svn.apache.org/viewvc?rev=1883148&view=rev
Log:
PDFBOX-5009, PDFBOX-3953: prevent stack overflow with malformed PDFs

Modified:
    pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageTree.java

Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageTree.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageTree.java?rev=1883148&r1=1883147&r2=1883148&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageTree.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageTree.java Thu Nov  5 19:40:21 2020
@@ -28,8 +28,10 @@ import org.apache.pdfbox.cos.COSName;
 import org.apache.pdfbox.pdmodel.common.COSObjectable;
 
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
 import java.util.NoSuchElementException;
+import java.util.Set;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
@@ -165,10 +167,12 @@ public class PDPageTree implements COSOb
     private final class PageIterator implements Iterator<PDPage>
     {
         private final Queue<COSDictionary> queue = new ArrayDeque<>();
+        private Set<COSDictionary> set = new HashSet<>();
 
         private PageIterator(COSDictionary node)
         {
             enqueueKids(node);
+            set = null; // release memory, we don't use this anymore
         }
 
         private void enqueueKids(COSDictionary node)
@@ -178,6 +182,16 @@ public class PDPageTree implements COSOb
                 List<COSDictionary> kids = getKids(node);
                 for (COSDictionary kid : kids)
                 {
+                    if (set.contains(kid))
+                    {
+                        // PDFBOX-5009, PDFBOX-3953: prevent stack overflow with malformed PDFs
+                        LOG.error("This page tree node has already been visited");
+                        continue;
+                    }
+                    else if (kid.containsKey(COSName.KIDS))
+                    {
+                        set.add(kid);
+                    }
                     enqueueKids(kid);
                 }
             }