You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by le...@apache.org on 2021/05/15 14:42:07 UTC
svn commit: r1889916 - in /pdfbox/trunk/pdfbox/src:
main/java/org/apache/pdfbox/cos/COSInteger.java
main/java/org/apache/pdfbox/cos/COSNumber.java
main/java/org/apache/pdfbox/pdfparser/BaseParser.java
test/java/org/apache/pdfbox/cos/TestCOSNumber.java
Author: lehmi
Date: Sat May 15 14:42:07 2021
New Revision: 1889916
URL: http://svn.apache.org/viewvc?rev=1889916&view=rev
Log:
PDFBOX-5176: skip values which are valid numbers but out of range
Modified:
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java
pdfbox/trunk/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java
Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java?rev=1889916&r1=1889915&r2=1889916&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSInteger.java Sat May 15 14:42:07 2021
@@ -69,6 +69,16 @@ public final class COSInteger extends CO
public static final COSInteger THREE = get(3);
/**
+ * Constant for an out of range value which is bigger than Log.MAX_VALUE.
+ */
+ protected static final COSInteger OUT_OF_RANGE_MAX = getInvalid(true);
+
+ /**
+ * Constant for an out of range value which is smaller than Log.MIN_VALUE.
+ */
+ protected static final COSInteger OUT_OF_RANGE_MIN = getInvalid(false);
+
+ /**
* Returns a COSInteger instance with the given value.
*
* @param val integer value
@@ -82,23 +92,32 @@ public final class COSInteger extends CO
// no synchronization needed
if (STATIC[index] == null)
{
- STATIC[index] = new COSInteger(val);
+ STATIC[index] = new COSInteger(val, true);
}
return STATIC[index];
}
- return new COSInteger(val);
+ return new COSInteger(val, true);
+ }
+
+ private static COSInteger getInvalid(boolean maxValue)
+ {
+ return maxValue ? new COSInteger(Long.MAX_VALUE, false)
+ : new COSInteger(Long.MIN_VALUE, false);
}
private final long value;
+ private final boolean isValid;
/**
* constructor.
*
* @param val The integer value of this object.
+ * @param valid indicates if the value is valid.
*/
- private COSInteger( long val )
+ private COSInteger(long val, boolean valid)
{
value = val;
+ isValid = valid;
}
/**
@@ -165,6 +184,16 @@ public final class COSInteger extends CO
}
/**
+ * Indicates whether this instance represents a valid value.
+ *
+ * @return true if the value is valid
+ */
+ public boolean isValid()
+ {
+ return isValid;
+ }
+
+ /**
* visitor pattern double dispatch method.
*
* @param visitor The object to notify when visiting this object.
Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java?rev=1889916&r1=1889915&r2=1889916&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/cos/COSNumber.java Sat May 15 14:42:07 2021
@@ -91,7 +91,9 @@ public abstract class COSNumber extends
{
throw new IOException("Not a number: " + number);
}
- return null;
+ // return a limited COSInteger value which is marked as invalid
+ return number.startsWith("-") ? COSInteger.OUT_OF_RANGE_MIN
+ : COSInteger.OUT_OF_RANGE_MAX;
}
}
Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java?rev=1889916&r1=1889915&r2=1889916&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/BaseParser.java Sat May 15 14:42:07 2021
@@ -294,6 +294,10 @@ public abstract class BaseParser
LOG.warn("Bad dictionary declaration at offset " + source.getPosition());
return false;
}
+ else if (value instanceof COSInteger && !((COSInteger) value).isValid())
+ {
+ LOG.warn("Skipped out of range number value at offset " + source.getPosition());
+ }
else
{
// label this item as direct, to avoid signature problems.
Modified: pdfbox/trunk/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java?rev=1889916&r1=1889915&r2=1889916&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java (original)
+++ pdfbox/trunk/pdfbox/src/test/java/org/apache/pdfbox/cos/TestCOSNumber.java Sat May 15 14:42:07 2021
@@ -18,9 +18,10 @@
package org.apache.pdfbox.cos;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull;
-import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.junit.jupiter.api.Assertions.fail;
import java.io.IOException;
@@ -86,15 +87,33 @@ abstract class TestCOSNumber extends Tes
}
/**
- * PDFBOX-4895: large number, too big for a long leads to a null value.
+ * PDFBOX-5176: large number, too big for a long leads to an COSInteger value which is marked as invalid.
*
* @throws IOException
*/
- @Test
- void testLargeNumber() throws IOException
+ public void testLargeNumber() throws IOException
{
- assertNull(COSNumber.get("18446744073307448448"));
- assertNull(COSNumber.get("-18446744073307448448"));
+ // max value
+ COSNumber cosNumber = COSNumber.get(Long.toString(Long.MAX_VALUE));
+ assertTrue(cosNumber instanceof COSInteger);
+ COSInteger cosInteger = (COSInteger) cosNumber;
+ assertTrue(cosInteger.isValid());
+ // min value
+ cosNumber = COSNumber.get(Long.toString(Long.MIN_VALUE));
+ assertTrue(cosNumber instanceof COSInteger);
+ cosInteger = (COSInteger) cosNumber;
+ assertTrue(cosInteger.isValid());
+
+ // out of range, max value
+ cosNumber = COSNumber.get("18446744073307448448");
+ assertTrue(cosNumber instanceof COSInteger);
+ cosInteger = (COSInteger) cosNumber;
+ assertFalse(cosInteger.isValid());
+ // out of range, min value
+ cosNumber = COSNumber.get("-18446744073307448448");
+ assertTrue(cosNumber instanceof COSInteger);
+ cosInteger = (COSInteger) cosNumber;
+ assertFalse(cosInteger.isValid());
}
@Test