... | ... |
@@ -1410,6 +1410,8 @@ static void handle_pdfname(struct pdf_struct *pdf, struct pdf_obj *obj, const ch |
1410 | 1410 |
struct pdfname_action *act = NULL; |
1411 | 1411 |
unsigned j; |
1412 | 1412 |
|
1413 |
+ obj->statsflags |= OBJ_FLAG_PDFNAME_DONE; |
|
1414 |
+ |
|
1413 | 1415 |
for (j=0;j<sizeof(pdfname_actions)/sizeof(pdfname_actions[0]);j++) { |
1414 | 1416 |
if (!strcmp(pdfname, pdfname_actions[j].pdfname)) { |
1415 | 1417 |
act = &pdfname_actions[j]; |
... | ... |
@@ -2818,9 +2820,9 @@ pdf_nextobject(const char *ptr, size_t len) |
2818 | 2818 |
|
2819 | 2819 |
static char *pdf_convert_utf(char *begin, size_t sz) |
2820 | 2820 |
{ |
2821 |
+#if HAVE_ICONV |
|
2821 | 2822 |
char *buf, *outbuf, *p1, *p2, *res=NULL; |
2822 | 2823 |
size_t inlen, outlen, i; |
2823 |
-#if HAVE_ICONV |
|
2824 | 2824 |
char *encodings[] = { |
2825 | 2825 |
"UTF-8", |
2826 | 2826 |
"UTF-16", |
... | ... |
@@ -2870,9 +2872,10 @@ static char *pdf_convert_utf(char *begin, size_t sz) |
2870 | 2870 |
free(buf); |
2871 | 2871 |
free(outbuf); |
2872 | 2872 |
|
2873 |
-#endif |
|
2874 |
- |
|
2875 | 2873 |
return res; |
2874 |
+#else |
|
2875 |
+ return strdup(begin); |
|
2876 |
+#endif |
|
2876 | 2877 |
} |
2877 | 2878 |
|
2878 | 2879 |
static char *pdf_parse_string(struct pdf_struct *pdf, struct pdf_obj *obj, const char *objstart, size_t objsize, const char *str) |
... | ... |
@@ -2942,6 +2945,12 @@ static char *pdf_parse_string(struct pdf_struct *pdf, struct pdf_obj *obj, const |
2942 | 2942 |
if (!(newobj)) |
2943 | 2943 |
return NULL; |
2944 | 2944 |
|
2945 |
+ if (newobj == obj) |
|
2946 |
+ return NULL; |
|
2947 |
+ |
|
2948 |
+ if (!(newobj->statsflags & OBJ_FLAG_PDFNAME_DONE)) |
|
2949 |
+ pdf_parseobj(pdf, newobj); |
|
2950 |
+ |
|
2945 | 2951 |
if (pdf_extract_obj(pdf, newobj, PDF_EXTRACT_OBJ_NONE) != CL_SUCCESS) |
2946 | 2952 |
return NULL; |
2947 | 2953 |
|
... | ... |
@@ -2982,6 +2991,30 @@ static char *pdf_parse_string(struct pdf_struct *pdf, struct pdf_obj *obj, const |
2982 | 2982 |
return res; |
2983 | 2983 |
} |
2984 | 2984 |
|
2985 |
+ if (*p1 == '<') { |
|
2986 |
+ char *buf; |
|
2987 |
+ size_t sz; |
|
2988 |
+ |
|
2989 |
+ /* Hex string */ |
|
2990 |
+ |
|
2991 |
+ p2 = p1+1; |
|
2992 |
+ while ((p2 - q) < objsize && *p2 != '>') |
|
2993 |
+ p2++; |
|
2994 |
+ |
|
2995 |
+ if (p2 - q == objsize) { |
|
2996 |
+ cli_errmsg("Returning NULL here: %u\n", __LINE__); |
|
2997 |
+ return NULL; |
|
2998 |
+ } |
|
2999 |
+ |
|
3000 |
+ buf = cli_calloc(1, (p2 - p1) + 2); |
|
3001 |
+ if (!(buf)) |
|
3002 |
+ return NULL; |
|
3003 |
+ |
|
3004 |
+ strncpy(buf, p1, (p2 - p1) + 1); |
|
3005 |
+ |
|
3006 |
+ return buf; |
|
3007 |
+ } |
|
3008 |
+ |
|
2985 | 3009 |
/* Make a best effort to find the end of the string and determine if UTF-* */ |
2986 | 3010 |
p2 = ++p1; |
2987 | 3011 |
while (1) { |
... | ... |
@@ -3002,7 +3035,7 @@ static char *pdf_parse_string(struct pdf_struct *pdf, struct pdf_obj *obj, const |
3002 | 3002 |
upperlimit = 3; |
3003 | 3003 |
|
3004 | 3004 |
for (i=0; i <= upperlimit && p2 - i > p1; i++) { |
3005 |
- if (*(p2-i) == '\\') { |
|
3005 |
+ if (*(p2-i) == '\\' && *(p2 - i - 1) != '\\') { |
|
3006 | 3006 |
shouldbreak=0; |
3007 | 3007 |
p2++; |
3008 | 3008 |
} |
... | ... |
@@ -1,5 +1,6 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2007-2008 Sourcefire, Inc. |
|
2 |
+ * Copyright (C) 2007-2013 Sourcefire, Inc. |
|
3 |
+ * Copyright (C) 2014 Cisco Systems, Inc. All rights reserved. |
|
3 | 4 |
* |
4 | 5 |
* Authors: Nigel Horne |
5 | 6 |
* |
... | ... |
@@ -25,9 +26,13 @@ struct pdf_obj { |
25 | 25 |
uint32_t start; |
26 | 26 |
uint32_t id; |
27 | 27 |
uint32_t flags; |
28 |
+ uint32_t statsflags; |
|
28 | 29 |
char *path; |
29 | 30 |
}; |
30 | 31 |
|
32 |
+#define OBJ_FLAG_PDFNAME_NONE 0x0 |
|
33 |
+#define OBJ_FLAG_PDFNAME_DONE 0x1 |
|
34 |
+ |
|
31 | 35 |
int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset); |
32 | 36 |
|
33 | 37 |
#endif |