If found 'trailer' ,then look backwards for 'xref'. But if there isn't character 'x' backward, the function get_xref_linear_skipped will go into an infinite loop.
─── source:pdf.c+729 ────
724 return;
725
726 /* If we found 'trailer' look backwards for 'xref' */
727 ch = 0;
728 while (SAFE_F(fp, ((ch = fgetc(fp)) != 'x')))
// fp=0x0000ffffffffeea8 → [...] → 0x00000000fbad2488
→ 729 fseek(fp, -2, SEEK_CUR);
730
731 if (ch == 'x')
732 {
733 xref->start = ftell(fp) - 1;
734 fseek(fp, -1, SEEK_CUR);
─────────────────────────────────────────────
Hi,
I found an infinite loop in function
get_xref_linear_skippedin pdf.cenv:
version: v0.22b commit af10865
OS: ubuntu 20.04
If found 'trailer' ,then look backwards for 'xref'. But if there isn't character 'x' backward, the function
get_xref_linear_skippedwill go into an infinite loop.poc(zipped ):
pdfresurrect_hang_1.zip
To reproduct:
./pdfresurrect [poc]
reporter: chiba of Topsec alphaLab
The text was updated successfully, but these errors were encountered: