Fix invalid token parsing.

Signed-off-by: yzrh <yzrh@noema.org>
2023-01-05 11:21:54 +00:00 · 2023-01-05 11:21:54 +00:00 · 13cb0a1b8d
commit 13cb0a1b8d
parent a7ecc15614
1 changed files with 24 additions and 21 deletions
--- a/src/pdf_parser.c
+++ b/src/pdf_parser.c
@ -228,28 +228,31 @@ pdf_load(pdf_object_t **pdf, FILE **fp, int size_buf)
 			((tail = _memmem_whitespace(buf, ptr->size, ">>", 2)) != NULL ||
 			/* Hack needed for invalid object */
 			(tail = memmem(buf, ptr->size, ">>", 2)) != NULL)) {
-			/*
+			if (memmem(buf, tail - buf, "stream\r\n", 8) != NULL) {
-			 * A dictionary object may have nested dictionary,
+				tail = memmem(buf, ptr->size, ">>", 2);
 			 * but it should not be in a stream
 			 */
 			while (ptr->size - (tail - buf) > 3 &&
 				(tmp = _memmem_whitespace(tail + 3,
 				ptr->size - (tail - buf) - 3,
 				">>", 2)) != NULL &&
 				memmem(tail + 3,
 				(tmp - tail) - 3,
 				"stream\r\n", 8) == NULL)
 				tail = tmp;
-			/* Hack needed for invalid object */
+				while (ptr->size - (tail - buf) > 2 &&
-			while (ptr->size - (tail - buf) > 2 &&
+					(tmp = memmem(tail + 2,
-				(tmp = memmem(tail + 2,
+					ptr->size - (tail - buf) - 2,
-				ptr->size - (tail - buf) - 2,
+					">>", 2)) != NULL &&
-				">>", 2)) != NULL &&
+					memmem(tail + 2,
-				memmem(tail + 2,
+					(tmp - tail) - 2,
-				(tmp - tail) - 2,
+					"stream\r\n", 8) == NULL)
-				"stream\r\n", 8) == NULL)
+					tail = tmp;
-				tail = tmp;
+			} else {
 				/*
 				 * A dictionary object may have nested dictionary,
 				 * but it should not be in a stream
 				 */
 				while (ptr->size - (tail - buf) > 3 &&
 					(tmp = _memmem_whitespace(tail + 3,
 					ptr->size - (tail - buf) - 3,
 					">>", 2)) != NULL &&
 					memmem(tail + 3,
 					(tmp - tail) - 3,
 					"stream\r\n", 8) == NULL)
 					tail = tmp;
 			}
 			ptr->dictionary_size = tail - head + 2;
 			ptr->dictionary = malloc(ptr->dictionary_size + 1);