Skip to content

Commit d9ee636

Browse files
dmitry.radchukAndrei Stryhelski
dmitry.radchuk
authored and
Andrei Stryhelski
committed
Change array parsing logic to prevent StackOverflowException
DEVSIX-6939
1 parent 4e9a555 commit d9ee636

File tree

16 files changed

+165
-9
lines changed

16 files changed

+165
-9
lines changed

itext.tests/itext.kernel.tests/itext/kernel/pdf/PdfReaderTest.cs

Lines changed: 128 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1839,6 +1839,134 @@ public virtual void NotCloseUserStreamTest() {
18391839
}
18401840
}
18411841

1842+
[NUnit.Framework.Test]
1843+
[LogMessage(KernelExceptionMessageConstant.UNEXPECTED_TOKEN)]
1844+
public virtual void EndDicInsteadOfArrayClosingBracketTest() {
1845+
String fileName = sourceFolder + "invalidArrayEndDictToken.pdf";
1846+
PdfDocument document = new PdfDocument(new PdfReader(fileName));
1847+
PdfArray actual = (PdfArray)document.GetPdfObject(4);
1848+
PdfArray expected = new PdfArray(new float[] { 5, 10, 15, 20 });
1849+
for (int i = 0; i < expected.Size(); i++) {
1850+
NUnit.Framework.Assert.AreEqual(expected.Get(i), actual.Get(i));
1851+
}
1852+
}
1853+
1854+
[NUnit.Framework.Test]
1855+
public virtual void EndArrayClosingBracketInsteadOfEndDicTest() {
1856+
String fileName = sourceFolder + "endArrayClosingBracketInsteadOfEndDic.pdf";
1857+
Exception exception = NUnit.Framework.Assert.Catch(typeof(iText.IO.IOException), () => new PdfDocument(new
1858+
PdfReader(fileName)));
1859+
NUnit.Framework.Assert.AreEqual(MessageFormatUtil.Format(KernelExceptionMessageConstant.UNEXPECTED_TOKEN,
1860+
"]"), exception.InnerException.Message);
1861+
}
1862+
1863+
[NUnit.Framework.Test]
1864+
public virtual void EndDicClosingBracketInsideTheDicTest() {
1865+
String fileName = sourceFolder + "endDicClosingBracketInsideTheDic.pdf";
1866+
Exception exception = NUnit.Framework.Assert.Catch(typeof(iText.IO.IOException), () => new PdfDocument(new
1867+
PdfReader(fileName)));
1868+
NUnit.Framework.Assert.AreEqual(MessageFormatUtil.Format(KernelExceptionMessageConstant.UNEXPECTED_TOKEN,
1869+
">>"), exception.InnerException.Message);
1870+
}
1871+
1872+
[NUnit.Framework.Test]
1873+
[LogMessage(KernelExceptionMessageConstant.UNEXPECTED_TOKEN)]
1874+
public virtual void EofInsteadOfArrayClosingBracketTest() {
1875+
String fileName = sourceFolder + "invalidArrayEOFToken.pdf";
1876+
PdfDocument document = new PdfDocument(new PdfReader(fileName));
1877+
PdfArray actual = (PdfArray)document.GetPdfObject(4);
1878+
PdfArray expected = new PdfArray(new float[] { 5, 10, 15, 20 });
1879+
for (int i = 0; i < expected.Size(); i++) {
1880+
NUnit.Framework.Assert.AreEqual(expected.Get(i), actual.Get(i));
1881+
}
1882+
}
1883+
1884+
[NUnit.Framework.Test]
1885+
[LogMessage(KernelExceptionMessageConstant.UNEXPECTED_TOKEN)]
1886+
public virtual void EndObjInsteadOfArrayClosingBracketTest() {
1887+
String fileName = sourceFolder + "invalidArrayEndObjToken.pdf";
1888+
PdfDocument document = new PdfDocument(new PdfReader(fileName));
1889+
PdfArray actual = (PdfArray)document.GetPdfObject(4);
1890+
PdfArray expected = new PdfArray(new float[] { 5, 10, 15, 20 });
1891+
for (int i = 0; i < expected.Size(); i++) {
1892+
NUnit.Framework.Assert.AreEqual(expected.Get(i), actual.Get(i));
1893+
}
1894+
}
1895+
1896+
[NUnit.Framework.Test]
1897+
[LogMessage(KernelExceptionMessageConstant.UNEXPECTED_TOKEN)]
1898+
[LogMessage(iText.IO.LogMessageConstant.XREF_ERROR_WHILE_READING_TABLE_WILL_BE_REBUILT)]
1899+
public virtual void NameInsteadOfArrayClosingBracketTest() {
1900+
String fileName = sourceFolder + "invalidArrayNameToken.pdf";
1901+
PdfDocument document = new PdfDocument(new PdfReader(fileName));
1902+
PdfArray actual = (PdfArray)document.GetPdfObject(4);
1903+
PdfArray expected = new PdfArray(new float[] { 5, 10, 15, 20 });
1904+
for (int i = 0; i < expected.Size(); i++) {
1905+
NUnit.Framework.Assert.AreEqual(expected.Get(i), actual.Get(i));
1906+
}
1907+
}
1908+
1909+
[NUnit.Framework.Test]
1910+
[LogMessage(KernelExceptionMessageConstant.UNEXPECTED_TOKEN)]
1911+
public virtual void ObjInsteadOfArrayClosingBracketTest() {
1912+
String fileName = sourceFolder + "invalidArrayObjToken.pdf";
1913+
PdfDocument document = new PdfDocument(new PdfReader(fileName));
1914+
PdfArray actual = (PdfArray)document.GetPdfObject(4);
1915+
PdfArray expected = new PdfArray(new float[] { 5, 10, 15, 20 });
1916+
for (int i = 0; i < expected.Size(); i++) {
1917+
NUnit.Framework.Assert.AreEqual(expected.Get(i), actual.Get(i));
1918+
}
1919+
}
1920+
1921+
[NUnit.Framework.Test]
1922+
[LogMessage(KernelExceptionMessageConstant.UNEXPECTED_TOKEN)]
1923+
public virtual void RefInsteadOfArrayClosingBracketTest() {
1924+
String fileName = sourceFolder + "invalidArrayRefToken.pdf";
1925+
PdfDocument document = new PdfDocument(new PdfReader(fileName));
1926+
PdfArray actual = (PdfArray)document.GetPdfObject(4);
1927+
PdfArray expected = new PdfArray(new float[] { 5, 10, 15, 20 });
1928+
for (int i = 0; i < expected.Size(); i++) {
1929+
NUnit.Framework.Assert.AreEqual(expected.Get(i), actual.Get(i));
1930+
}
1931+
}
1932+
1933+
[NUnit.Framework.Test]
1934+
[LogMessage(KernelExceptionMessageConstant.UNEXPECTED_TOKEN, Count = 2)]
1935+
public virtual void StartArrayInsteadOfArrayClosingBracketTest() {
1936+
String fileName = sourceFolder + "invalidArrayStartArrayToken.pdf";
1937+
PdfDocument document = new PdfDocument(new PdfReader(fileName));
1938+
PdfArray actual = (PdfArray)document.GetPdfObject(4);
1939+
PdfArray expected = new PdfArray(new float[] { 5, 10, 15, 20 });
1940+
for (int i = 0; i < expected.Size(); i++) {
1941+
NUnit.Framework.Assert.AreEqual(expected.Get(i), actual.Get(i));
1942+
}
1943+
}
1944+
1945+
[NUnit.Framework.Test]
1946+
[LogMessage(KernelExceptionMessageConstant.UNEXPECTED_TOKEN)]
1947+
[LogMessage(iText.IO.LogMessageConstant.XREF_ERROR_WHILE_READING_TABLE_WILL_BE_REBUILT)]
1948+
public virtual void StringInsteadOfArrayClosingBracketTest() {
1949+
String fileName = sourceFolder + "invalidArrayStringToken.pdf";
1950+
PdfDocument document = new PdfDocument(new PdfReader(fileName));
1951+
PdfArray actual = (PdfArray)document.GetPdfObject(4);
1952+
PdfArray expected = new PdfArray(new float[] { 5, 10, 15, 20 });
1953+
for (int i = 0; i < expected.Size(); i++) {
1954+
NUnit.Framework.Assert.AreEqual(expected.Get(i), actual.Get(i));
1955+
}
1956+
}
1957+
1958+
[NUnit.Framework.Test]
1959+
public virtual void ClosingArrayBracketMissingConservativeTest() {
1960+
String fileName = sourceFolder + "invalidArrayObjToken.pdf";
1961+
PdfReader reader = new PdfReader(fileName);
1962+
reader.SetStrictnessLevel(PdfReader.StrictnessLevel.CONSERVATIVE);
1963+
PdfDocument document = new PdfDocument(reader);
1964+
Exception exception = NUnit.Framework.Assert.Catch(typeof(iText.IO.IOException), () => document.GetPdfObject
1965+
(4));
1966+
NUnit.Framework.Assert.AreEqual(MessageFormatUtil.Format(KernelExceptionMessageConstant.UNEXPECTED_TOKEN,
1967+
"obj"), exception.InnerException.Message);
1968+
}
1969+
18421970
private static FileInfo CopyFileForTest(String fileName, String copiedFileName) {
18431971
FileInfo copiedFile = new FileInfo(copiedFileName);
18441972
File.Copy(System.IO.Path.Combine(fileName), System.IO.Path.Combine(copiedFileName));

itext.tests/itext.kernel.tests/itext/kernel/pdf/canvas/parser/util/PdfCanvasParserTest.cs

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,8 @@ You should have received a copy of the GNU Affero General Public License
2323
using System;
2424
using System.Collections.Generic;
2525
using iText.IO.Source;
26+
using iText.IO.Util;
27+
using iText.Kernel.Exceptions;
2628
using iText.Kernel.Pdf;
2729
using iText.Kernel.Utils;
2830
using iText.Test;
@@ -53,5 +55,19 @@ public virtual void InnerArraysInContentStreamTest() {
5355
NUnit.Framework.Assert.IsTrue(new CompareTool().CompareArrays(cmpArray, (((PdfDictionary)actual[1]).GetAsArray
5456
(new PdfName("ColorantsDef")))));
5557
}
58+
59+
[NUnit.Framework.Test]
60+
public virtual void ParseArrayTest() {
61+
String inputFileName = sourceFolder + "innerArraysInContentStreamWithEndDictToken.pdf";
62+
PdfDocument pdfDocument = new PdfDocument(new PdfReader(inputFileName));
63+
byte[] docInBytes = pdfDocument.GetFirstPage().GetContentBytes();
64+
RandomAccessSourceFactory factory = new RandomAccessSourceFactory();
65+
PdfTokenizer tokeniser = new PdfTokenizer(new RandomAccessFileOrArray(factory.CreateSource(docInBytes)));
66+
PdfResources resources = pdfDocument.GetPage(1).GetResources();
67+
PdfCanvasParser ps = new PdfCanvasParser(tokeniser, resources);
68+
Exception exception = NUnit.Framework.Assert.Catch(typeof(iText.IO.IOException), () => ps.Parse(null));
69+
NUnit.Framework.Assert.AreEqual(MessageFormatUtil.Format(KernelExceptionMessageConstant.UNEXPECTED_TOKEN,
70+
">>"), exception.InnerException.Message);
71+
}
5672
}
5773
}

itext.tests/itext.kernel.tests/resources/itext/kernel/parser/PdfCanvasParserTest/innerArraysInContentStreamWithEndDictToken.pdf

1.2 KB
Binary file not shown.

itext.tests/itext.kernel.tests/resources/itext/kernel/pdf/PdfReaderTest/endArrayClosingBracketInsteadOfEndDic.pdf

763 Bytes
Binary file not shown.

itext.tests/itext.kernel.tests/resources/itext/kernel/pdf/PdfReaderTest/endDicClosingBracketInsideTheDic.pdf

762 Bytes
Binary file not shown.

itext.tests/itext.kernel.tests/resources/itext/kernel/pdf/PdfReaderTest/invalidArrayEOFToken.pdf

912 Bytes
Binary file not shown.

itext.tests/itext.kernel.tests/resources/itext/kernel/pdf/PdfReaderTest/invalidArrayEndDictToken.pdf

912 Bytes
Binary file not shown.

itext.tests/itext.kernel.tests/resources/itext/kernel/pdf/PdfReaderTest/invalidArrayEndObjToken.pdf

912 Bytes
Binary file not shown.

itext.tests/itext.kernel.tests/resources/itext/kernel/pdf/PdfReaderTest/invalidArrayNameToken.pdf

915 Bytes
Binary file not shown.

itext.tests/itext.kernel.tests/resources/itext/kernel/pdf/PdfReaderTest/invalidArrayObjToken.pdf

912 Bytes
Binary file not shown.

0 commit comments

Comments
 (0)