Comments (7)
enferex
commented on June 29, 2024
Thanks a ton for this! I'll work on a patch.
from pdfresurrect.
enferex
commented on June 29, 2024
I've fixed the issue with the overflow; however, we are dropping some type names (e.g., less descriptive and returning "Unknown" more frequently than I expect. This doesn't concern me too much, as I don't really know if reporting type names is all that valuable to users. The fix is currently in its own branch: https://github.com/enferex/pdfresurrect/tree/carter-fix
Edit: I plan on merging this into master once I get a better understanding of why we are loosing more type names.
from pdfresurrect.
enferex
commented on June 29, 2024
I've fixed the type name information, now we should maintain consistency with reporting names as we were in v.19, but with the added sanity check now.
from pdfresurrect.
carnil
commented on June 29, 2024
This issue appears to have been assigned CVE-2020-9549.
from pdfresurrect.
enferex
commented on June 29, 2024
This issue appears to have been assigned CVE-2020-9549.
Yep, thanks for following up with that. Master has the latest fixes.
from pdfresurrect.
carnil
commented on June 29, 2024
@enferex 36b67e5 and bfa81b9 specifically?
from pdfresurrect.
enferex
commented on June 29, 2024
Yep, they should be the ones.
from pdfresurrect.
Related Issues (12)
- Maybe a bug HOT 5
- Not able to find a download for pdfresurrect HOT 2
- Issue with Scrubing the previous history data from the specified PDF. HOT 24
- The lack of a complete magic check leads to heap-buffer-overflow in pdf_get_version() HOT 2
- Infinite Loop in pdf.c HOT 2
- Fails to build with autoconf 2.70 HOT 6
- Infinite loop in function get_xref_linear_skipped in pdf.c HOT 2
- Return codes for fread are not being evaluated HOT 2
- CVE-2019-14267 HOT 1
- some bug HOT 2
- SEGV: READ memory access HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pdfresurrect.