Browse code
bb12004: adding check for min pdf size needed to check pdf version
Micah Snyder authored on 2018/03/09 02:17:11Showing 1 changed files
| ... | ... |
@@ -2254,7 +2254,7 @@ int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset) |
| 2254 | 2254 |
off_t versize = size > 1032 ? 1032 : size; |
| 2255 | 2255 |
off_t map_off, bytesleft; |
| 2256 | 2256 |
long xref; |
| 2257 |
- const char *pdfver, *start, *eofmap, *q, *eof; |
|
| 2257 |
+ const char *pdfver, *tmp, *start, *eofmap, *q, *eof; |
|
| 2258 | 2258 |
int rc, badobjects = 0; |
| 2259 | 2259 |
unsigned i, alerts = 0; |
| 2260 | 2260 |
#if HAVE_JSON |
| ... | ... |
@@ -2282,8 +2282,8 @@ int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset) |
| 2282 | 2282 |
#endif |
| 2283 | 2283 |
|
| 2284 | 2284 |
/* offset is 0 when coming from filetype2 */ |
| 2285 |
- pdfver = cli_memstr(pdfver, versize, "%PDF-", 5); |
|
| 2286 |
- if (!pdfver) {
|
|
| 2285 |
+ tmp = cli_memstr(pdfver, versize, "%PDF-", 5); |
|
| 2286 |
+ if (!tmp) {
|
|
| 2287 | 2287 |
cli_dbgmsg("cli_pdf: no PDF- header found\n");
|
| 2288 | 2288 |
noisy_warnmsg("cli_pdf: no PDF- header found\n");
|
| 2289 | 2289 |
#if HAVE_JSON |
| ... | ... |
@@ -2292,6 +2292,13 @@ int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset) |
| 2292 | 2292 |
return CL_SUCCESS; |
| 2293 | 2293 |
} |
| 2294 | 2294 |
|
| 2295 |
+ versize -= tmp - pdfver; |
|
| 2296 |
+ pdfver = tmp; |
|
| 2297 |
+ |
|
| 2298 |
+ if (versize < 8) {
|
|
| 2299 |
+ return CL_EFORMAT; |
|
| 2300 |
+ } |
|
| 2301 |
+ |
|
| 2295 | 2302 |
/* Check for PDF-1.[0-9]. Although 1.7 is highest now, allow for future versions */ |
| 2296 | 2303 |
if (pdfver[5] != '1' || pdfver[6] != '.' || |
| 2297 | 2304 |
pdfver[7] < '1' || pdfver[7] > '9') {
|