Skip to content
Permalink
Browse files Browse the repository at this point in the history
Update header validation checks.
Thanks to yifengchen-cc for identifying this.
  • Loading branch information
enferex committed Jul 24, 2020
1 parent 3dfc102 commit 1b42245
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 13 deletions.
2 changes: 2 additions & 0 deletions AUTHORS
Expand Up @@ -24,3 +24,5 @@ carter-yagemann: Reported and helped isolate a memory issue.
rootup: Reporting and helped isolate a memory issue.

ZanderChang: Reported and identified bad code in kid page loading.

yifengchen-cc: Reported a header parsing bug.
26 changes: 13 additions & 13 deletions pdf.c
Expand Up @@ -176,30 +176,30 @@ void pdf_delete(pdf_t *pdf)

int pdf_is_pdf(FILE *fp)
{
int is_pdf;
char *header;
if (!(header = get_header(fp)))
return 0;

header = get_header(fp);

if (header && strstr(header, "%PDF-"))
is_pdf = 1;
else
is_pdf = 0;

/* First 1024 bytes of doc must be header (1.7 spec pg 1102) */
const char *c = strstr(header, "%PDF-");
const int is_pdf = c && ((c - header+strlen("%PDF-M.m")) < 1024);
free(header);
return is_pdf;
}


void pdf_get_version(FILE *fp, pdf_t *pdf)
{
char *header, *c;

header = get_header(fp);
char *header = get_header(fp);

/* Locate version string start and make sure we dont go past header */
/* Locate version string start and make sure we dont go past header
* The format is %PDF-M.m, where 'M' is the major number and 'm' minor.
*/
const char *c;
if ((c = strstr(header, "%PDF-")) &&
(c + strlen("%PDF-M.m") + 2))
((c + 6)[0] == '.') && // Separator
isdigit((c + 5)[0]) && // Major number
isdigit((c + 7)[0])) // Minor number
{
pdf->pdf_major_version = atoi(c + strlen("%PDF-"));
pdf->pdf_minor_version = atoi(c + strlen("%PDF-M."));
Expand Down

0 comments on commit 1b42245

Please sign in to comment.