You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@pdfbox.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2017/06/22 17:31:00 UTC

[jira] [Commented] (PDFBOX-3839) AIOOB in PDResources.getFont()

    [ https://issues.apache.org/jira/browse/PDFBOX-3839?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16059717#comment-16059717 ] 

ASF subversion and git services commented on PDFBOX-3839:
---------------------------------------------------------

Commit 1799597 from [~tilman] in branch 'pdfbox/branches/2.0'
[ https://svn.apache.org/r1799597 ]

PDFBOX-3839: avoid AIOOB

> AIOOB in PDResources.getFont()
> ------------------------------
>
>                 Key: PDFBOX-3839
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-3839
>             Project: PDFBox
>          Issue Type: Bug
>          Components: FontBox, Parsing
>    Affects Versions: 2.0.6
>            Reporter: Tilman Hausherr
>            Assignee: Tilman Hausherr
>             Fix For: 2.0.7, 3.0.0
>
>
> As reported by Lauri Laanti in the users mailing list:
> {code}
> java.lang.ArrayIndexOutOfBoundsException: 4
> at org.apache.fontbox.ttf.PostScriptTable.getName(PostScriptTable.java:318)
> at org.apache.pdfbox.pdmodel.font.PDTrueTypeFont.readEncodingFromFont(PDTrueTypeFont.java:260)
> at org.apache.pdfbox.pdmodel.font.PDSimpleFont.readEncoding(PDSimpleFont.java:134)
> at org.apache.pdfbox.pdmodel.font.PDTrueTypeFont.<init>(PDTrueTypeFont.java:209)
> at org.apache.pdfbox.pdmodel.font.PDFontFactory.createFont(PDFontFactory.java:75)
> at org.apache.pdfbox.pdmodel.PDResources.getFont(PDResources.java:143)
> Investigating the function in question:
> public String getName(int gid)
> 313            {
> 314                if (gid < 0 || glyphNames == null || gid > glyphNames.length)
> 315                {
> 316                    return null;
> 317                }
> 318                return glyphNames[gid];
> 319            }
> I think that the check on line 314 should be :
> gid < 0 || glyphNames == null || gid >= glyphNames.length
> Otherwise, when gid == glyphNames.length there will be AIOOB.
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org