itext
diff --git a/‎kernel/src/main/java/com/itextpdf/kernel/logs/KernelLogMessageConstant.java
Lines changed: 3 additions & 0 deletions b/‎kernel/src/main/java/com/itextpdf/kernel/logs/KernelLogMessageConstant.java
Lines changed: 3 additions & 0 deletions
diff --git a/‎kernel/src/main/java/com/itextpdf/kernel/pdf/MemoryLimitsAwareHandler.java
Lines changed: 23 additions & 0 deletions b/‎kernel/src/main/java/com/itextpdf/kernel/pdf/MemoryLimitsAwareHandler.java
Lines changed: 23 additions & 0 deletions
diff --git a/‎kernel/src/main/java/com/itextpdf/kernel/pdf/PdfReader.java
Lines changed: 9 additions & 0 deletions b/‎kernel/src/main/java/com/itextpdf/kernel/pdf/PdfReader.java
Lines changed: 9 additions & 0 deletions
diff --git a/‎kernel/src/main/java/com/itextpdf/kernel/pdf/PdfRevisionsReader.java
Lines changed: 1 addition & 1 deletion b/‎kernel/src/main/java/com/itextpdf/kernel/pdf/PdfRevisionsReader.java
Lines changed: 1 addition & 1 deletion
diff --git a/‎kernel/src/main/java/com/itextpdf/kernel/pdf/ReaderProperties.java
Lines changed: 29 additions & 15 deletions b/‎kernel/src/main/java/com/itextpdf/kernel/pdf/ReaderProperties.java
Lines changed: 29 additions & 15 deletions
diff --git a/‎kernel/src/test/java/com/itextpdf/kernel/pdf/MemoryLimitsAwareHandlerTest.java
Lines changed: 53 additions & 1 deletion b/‎kernel/src/test/java/com/itextpdf/kernel/pdf/MemoryLimitsAwareHandlerTest.java
Lines changed: 53 additions & 1 deletion
diff --git a/‎kernel/src/test/java/com/itextpdf/kernel/pdf/ReaderPropertiesTest.java
Lines changed: 51 additions & 0 deletions b/‎kernel/src/test/java/com/itextpdf/kernel/pdf/ReaderPropertiesTest.java
Lines changed: 51 additions & 0 deletions
diff --git a/‎sign/src/main/java/com/itextpdf/signatures/validation/DocumentRevisionsValidator.java
Lines changed: 2 additions & 1 deletion b/‎sign/src/main/java/com/itextpdf/signatures/validation/DocumentRevisionsValidator.java
Lines changed: 2 additions & 1 deletion
diff --git a/‎sign/src/main/java/com/itextpdf/signatures/validation/SignatureValidator.java
Lines changed: 3 additions & 2 deletions b/‎sign/src/main/java/com/itextpdf/signatures/validation/SignatureValidator.java
Lines changed: 3 additions & 2 deletions
@@ -107,6 +107,9 @@ public final class KernelLogMessageConstant {
     public static final String ALGORITHM_NOT_FROM_SPEC =
             "Requested algorithm might not be supported by the pdf specification.";
 
+    public static final String MEMORYLIMITAWAREHANDLER_OVERRIDE_CREATENEWINSTANCE_METHOD =
+            "MemoryLimitsAwareHandler#createNewInstance method must be overriden.";
+
     private KernelLogMessageConstant() {
         //Private constructor will prevent the instantiation of this class directly
     }
 
@@ -24,8 +24,11 @@ This file is part of the iText (R) project.
 
 import com.itextpdf.kernel.exceptions.KernelExceptionMessageConstant;
 import com.itextpdf.kernel.exceptions.MemoryLimitsAwareException;
+import com.itextpdf.kernel.logs.KernelLogMessageConstant;
 
 import java.util.HashSet;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * A {@link MemoryLimitsAwareHandler} handles memory allocation and prevents decompressed
@@ -38,6 +41,7 @@ This file is part of the iText (R) project.
  */
 public class MemoryLimitsAwareHandler {
 
+    private static final Logger LOGGER = LoggerFactory.getLogger(MemoryLimitsAwareHandler.class);
 
     private static final int SINGLE_SCALE_COEFFICIENT = 100;
     private static final int SUM_SCALE_COEFFICIENT = 500;
@@ -88,6 +92,25 @@ private MemoryLimitsAwareHandler(int maxSizeOfSingleDecompressedPdfStream, long
         this.maxXObjectsSizePerPage = maxXObjectsSizePerPage;
     }
 
+    /**
+     * Creates a new instance of {@link MemoryLimitsAwareHandler} by copying settings from this instance
+     * of {@link MemoryLimitsAwareHandler}.
+     *
+     * @return a new instance of {@link MemoryLimitsAwareHandler}.
+     */
+    public MemoryLimitsAwareHandler createNewInstance() {
+        MemoryLimitsAwareHandler to = new MemoryLimitsAwareHandler();
+        to.maxSizeOfSingleDecompressedPdfStream = this.maxSizeOfSingleDecompressedPdfStream;
+        to.maxSizeOfDecompressedPdfStreamsSum = this.maxSizeOfDecompressedPdfStreamsSum;
+        to.maxNumberOfElementsInXrefStructure = this.maxNumberOfElementsInXrefStructure;
+        to.maxXObjectsSizePerPage = this.maxXObjectsSizePerPage;
+        if (this.getClass() != MemoryLimitsAwareHandler.class) {
+            LOGGER.warn(KernelLogMessageConstant.MEMORYLIMITAWAREHANDLER_OVERRIDE_CREATENEWINSTANCE_METHOD);
+        }
+
+        return to;
+    }
+
     /**
      * Gets the maximum allowed size which can be occupied by a single decompressed pdf stream.
      *
 
@@ -732,6 +732,15 @@ public boolean isEncrypted() {
         return encrypted;
     }
 
+    /**
+     * Gets a copy of {@link ReaderProperties} used to create this instance of {@link PdfReader}.
+     *
+     * @return a copy of {@link ReaderProperties} used to create this instance of {@link PdfReader}
+     */
+    public ReaderProperties getPropertiesCopy() {
+        return new ReaderProperties(properties);
+    }
+
     /**
      * Parses the entire PDF
      *
 
@@ -77,7 +77,7 @@ public List<DocumentRevision> getAllRevisions() throws IOException {
                     raf.createSourceView(), 0, raf.length());
 
             try (InputStream inputStream = new RASInputStream(source);
-                    PdfReader newReader = new PdfReader(inputStream);
+                    PdfReader newReader = new PdfReader(inputStream, reader.getPropertiesCopy());
                     PdfDocument newDocument = new PdfDocument(newReader,
                             new DocumentProperties().setEventCountingMetaInfo(metaInfo))) {
                 newDocument.getXref().unmarkReadingCompleted();
 
@@ -26,23 +26,38 @@ This file is part of the iText (R) project.
 
 import java.security.Key;
 import java.security.cert.Certificate;
+import java.util.Arrays;
 
+/**
+ * The class representing various properties used to read PDF documents.
+ */
 public class ReaderProperties {
 
-
-    //added by ujihara for decryption
     protected byte[] password;
-
-    //added by Aiken Sam for certificate decryption
     protected Key certificateKey;
-    //added by Aiken Sam for certificate decryption
     protected Certificate certificate;
-    //added by Aiken Sam for certificate decryption
     protected String certificateKeyProvider;
     protected IExternalDecryptionProcess externalDecryptionProcess;
-
     protected MemoryLimitsAwareHandler memoryLimitsAwareHandler;
 
+    /**
+     * Creates an instance of {@link ReaderProperties}.
+     */
+    public ReaderProperties() {
+        // Empty constructor
+    }
+
+    ReaderProperties(ReaderProperties readerProperties) {
+        this.password = readerProperties.password == null ? null :
+                Arrays.copyOf(readerProperties.password, readerProperties.password.length);
+        this.certificateKey = readerProperties.certificateKey;
+        this.certificate = readerProperties.certificate;
+        this.certificateKeyProvider = readerProperties.certificateKeyProvider;
+        this.externalDecryptionProcess = readerProperties.externalDecryptionProcess;
+        this.memoryLimitsAwareHandler = readerProperties.memoryLimitsAwareHandler == null ? null :
+                readerProperties.memoryLimitsAwareHandler.createNewInstance();
+    }
+
     /**
      * Defines the password which will be used if the document is encrypted with standard encryption.
      * This could be either user or owner password.
@@ -95,14 +110,6 @@ public ReaderProperties setPublicKeySecurityParams(Certificate certificate, IExt
         return this;
     }
 
-    private void clearEncryptionParams() {
-        this.password = null;
-        this.certificate = null;
-        this.certificateKey = null;
-        this.certificateKeyProvider = null;
-        this.externalDecryptionProcess = null;
-    }
-
     /**
      * Sets the memory handler which will be used to handle decompressed PDF streams.
      *
@@ -114,4 +121,11 @@ public ReaderProperties setMemoryLimitsAwareHandler(MemoryLimitsAwareHandler mem
         return this;
     }
 
+    private void clearEncryptionParams() {
+        this.password = null;
+        this.certificate = null;
+        this.certificateKey = null;
+        this.certificateKeyProvider = null;
+        this.externalDecryptionProcess = null;
+    }
 }
@@ -25,11 +25,17 @@ This file is part of the iText (R) project.
 
 import com.itextpdf.kernel.exceptions.KernelExceptionMessageConstant;
 import com.itextpdf.kernel.exceptions.MemoryLimitsAwareException;
+import com.itextpdf.kernel.logs.KernelLogMessageConstant;
 import com.itextpdf.test.AssertUtil;
 import com.itextpdf.test.ExtendedITextTest;
+import com.itextpdf.test.annotations.LogMessage;
+import com.itextpdf.test.annotations.LogMessages;
+
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.Tag;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 @Tag("UnitTest")
 public class MemoryLimitsAwareHandlerTest extends ExtendedITextTest {
@@ -67,7 +73,6 @@ public boolean isMemoryLimitsAwarenessRequiredOnDecompression(PdfArray filters)
 
         Assertions.assertFalse(defaultHandler.isMemoryLimitsAwarenessRequiredOnDecompression(filters));
         Assertions.assertTrue(customHandler.isMemoryLimitsAwarenessRequiredOnDecompression(filters));
-
     }
 
     @Test
@@ -161,6 +166,53 @@ public void checkCapacityTest() {
         AssertUtil.doesNotThrow(() -> memoryLimitsAwareHandler.checkIfXrefStructureExceedsTheLimit(capacityToSet));
     }
 
+    @Test
+    @LogMessages(messages = {@LogMessage(messageTemplate =
+            KernelLogMessageConstant.MEMORYLIMITAWAREHANDLER_OVERRIDE_CREATENEWINSTANCE_METHOD)})
+    public void createCopyMemoryHandlerWarningTest() {
+        MemoryLimitsAwareHandler customHandler = new MemoryLimitsAwareHandler() {};
+
+        customHandler.setMaxNumberOfElementsInXrefStructure(1);
+        customHandler.setMaxXObjectsSizePerPage(2);
+        customHandler.setMaxSizeOfDecompressedPdfStreamsSum(3);
+        customHandler.setMaxSizeOfSingleDecompressedPdfStream(4);
+
+        MemoryLimitsAwareHandler copy = customHandler.createNewInstance();
+
+        Assertions.assertEquals(1, copy.getMaxNumberOfElementsInXrefStructure());
+        Assertions.assertEquals(2, copy.getMaxXObjectsSizePerPage());
+        Assertions.assertEquals(3, copy.getMaxSizeOfDecompressedPdfStreamsSum());
+        Assertions.assertEquals(4, copy.getMaxSizeOfSingleDecompressedPdfStream());
+    }
+
+    @Test
+    public void createCopyMemoryHandlerNoWarningTest() {
+        MemoryLimitsAwareHandler customHandler = new MemoryLimitsAwareHandler() {
+            @Override
+            public MemoryLimitsAwareHandler createNewInstance() {
+                MemoryLimitsAwareHandler to = new MemoryLimitsAwareHandler();
+                to.setMaxSizeOfSingleDecompressedPdfStream(this.getMaxSizeOfSingleDecompressedPdfStream());
+                to.setMaxSizeOfDecompressedPdfStreamsSum(this.getMaxSizeOfDecompressedPdfStreamsSum());
+                to.setMaxNumberOfElementsInXrefStructure(this.getMaxNumberOfElementsInXrefStructure());
+                to.setMaxXObjectsSizePerPage(this.getMaxXObjectsSizePerPage());
+
+                return to;
+            }
+        };
+
+        customHandler.setMaxNumberOfElementsInXrefStructure(1);
+        customHandler.setMaxXObjectsSizePerPage(2);
+        customHandler.setMaxSizeOfDecompressedPdfStreamsSum(3);
+        customHandler.setMaxSizeOfSingleDecompressedPdfStream(4);
+
+        MemoryLimitsAwareHandler copy = customHandler.createNewInstance();
+
+        Assertions.assertEquals(1, copy.getMaxNumberOfElementsInXrefStructure());
+        Assertions.assertEquals(2, copy.getMaxXObjectsSizePerPage());
+        Assertions.assertEquals(3, copy.getMaxSizeOfDecompressedPdfStreamsSum());
+        Assertions.assertEquals(4, copy.getMaxSizeOfSingleDecompressedPdfStream());
+    }
+
     private static void testSingleStream(MemoryLimitsAwareHandler handler) {
         String expectedExceptionMessage = KernelExceptionMessageConstant.DURING_DECOMPRESSION_SINGLE_STREAM_OCCUPIED_MORE_MEMORY_THAN_ALLOWED;
         int expectedFailureIndex = 10;
 
@@ -0,0 +1,51 @@
+/*
+    This file is part of the iText (R) project.
+    Copyright (c) 1998-2024 Apryse Group NV
+    Authors: Apryse Software.
+
+    This program is offered under a commercial and under the AGPL license.
+    For commercial licensing, contact us at https://itextpdf.com/sales.  For AGPL licensing, see below.
+
+    AGPL licensing:
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+package com.itextpdf.kernel.pdf;
+
+import com.itextpdf.test.ExtendedITextTest;
+
+import java.nio.charset.StandardCharsets;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Tag;
+import org.junit.jupiter.api.Test;
+
+@Tag("UnitTest")
+public class ReaderPropertiesTest extends ExtendedITextTest {
+
+    @Test
+    public void copyConstructorTest() {
+        MemoryLimitsAwareHandler handler = new MemoryLimitsAwareHandler();
+        handler.setMaxXObjectsSizePerPage(10);
+        ReaderProperties properties = new ReaderProperties().setPassword("123".getBytes(StandardCharsets.ISO_8859_1))
+                .setMemoryLimitsAwareHandler(handler);
+
+        ReaderProperties copy = new ReaderProperties(properties);
+
+        Assertions.assertArrayEquals(copy.password, properties.password);
+
+        Assertions.assertNotEquals(copy.memoryLimitsAwareHandler, properties.memoryLimitsAwareHandler);
+        Assertions.assertEquals(copy.memoryLimitsAwareHandler.getMaxXObjectsSizePerPage(),
+                properties.memoryLimitsAwareHandler.getMaxXObjectsSizePerPage());
+        Assertions.assertEquals(10, copy.memoryLimitsAwareHandler.getMaxXObjectsSizePerPage());
+    }
+}
@@ -575,7 +575,8 @@ private boolean revisionContainsSignature(DocumentRevision revision, String sign
     private boolean createDocumentAndPerformOperation(DocumentRevision revision, PdfDocument originalDocument,
             ValidationReport report, Function<PdfDocument, Boolean> operation) {
         try (InputStream inputStream = createInputStreamFromRevision(originalDocument, revision);
-                PdfReader reader = new PdfReader(inputStream).setStrictnessLevel(StrictnessLevel.CONSERVATIVE);
+                PdfReader reader = new PdfReader(inputStream, originalDocument.getReader().getPropertiesCopy())
+                        .setStrictnessLevel(StrictnessLevel.CONSERVATIVE);
                 PdfDocument documentWithRevision = new PdfDocument(reader,
                         new DocumentProperties().setEventCountingMetaInfo(metaInfo))) {
             return (boolean) operation.apply(documentWithRevision);
 
@@ -275,8 +275,9 @@ private ValidationReport validate(String signatureName) {
 
         for (String fieldName : signatureNames) {
             ValidationReport subReport = new ValidationReport();
-            try (PdfDocument doc = new PdfDocument(new PdfReader(util.extractRevision(fieldName))
-                    .setStrictnessLevel(PdfReader.StrictnessLevel.CONSERVATIVE),
+            try (PdfDocument doc = new PdfDocument(
+                    new PdfReader(util.extractRevision(fieldName), originalDocument.getReader().getPropertiesCopy())
+                            .setStrictnessLevel(PdfReader.StrictnessLevel.CONSERVATIVE),
                     new DocumentProperties().setEventCountingMetaInfo(metaInfo))) {
                 subReport.merge(validateLatestSignature(doc));
             } catch (IOException | RuntimeException e) {
Original file line number	Diff line number	Diff line change
`@@ -107,6 +107,9 @@ public final class KernelLogMessageConstant {`
`107`	`107`	`public static final String ALGORITHM_NOT_FROM_SPEC =`
`108`	`108`	`"Requested algorithm might not be supported by the pdf specification.";`
`109`	`109`
	`110`	`+ public static final String MEMORYLIMITAWAREHANDLER_OVERRIDE_CREATENEWINSTANCE_METHOD =`
	`111`	`+ "MemoryLimitsAwareHandler#createNewInstance method must be overriden.";`
	`112`	`+`
`110`	`113`	`private KernelLogMessageConstant() {`
`111`	`114`	`//Private constructor will prevent the instantiation of this class directly`
`112`	`115`	`}`