xmlsecurity/source/pdfio/pdfdocument.cxx | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-)
New commits: commit f3d9249ca6be6e69362b3ae90842fd2211fd0829 Author: Miklos Vajna <vmik...@collabora.co.uk> Date: Fri Oct 14 18:15:35 2016 +0200 xmlsecurity: check file header when reading PDF signature Currently the only non-ZIP-based import filter that declares the SUPPORTSSIGNING flag is PDF, so if we get a stream without a storage, we assume it's PDF. If any other non-ZIP-based format would add that flag in the future, that would mean PDFDocument::Read() gets that as an input. That means it makes sense to at least check the file header early in the tokenizer, and return early when that doesn't match. Change-Id: I8760d130c4211f37be705e03b22814825042cac8 Reviewed-on: https://gerrit.libreoffice.org/29888 Tested-by: Jenkins <c...@libreoffice.org> Reviewed-by: Miklos Vajna <vmik...@collabora.co.uk>
diff --git a/xmlsecurity/source/pdfio/pdfdocument.cxx b/xmlsecurity/source/pdfio/pdfdocument.cxx
index 3766e4d..4711084 100644
--- a/xmlsecurity/source/pdfio/pdfdocument.cxx
+++ b/xmlsecurity/source/pdfio/pdfdocument.cxx
@@ -215,7 +215,17 @@ PDFDocument::PDFDocument()
 bool PDFDocument::Read(SvStream& rStream)
 {
- // First look up the offset of the xref table.
+ // Check file magic.
+ std::vector<sal_Int8> aHeader(5);
+ rStream.Seek(0);
+ rStream.ReadBytes(aHeader.data(), aHeader.size());
+ if (aHeader[0] != '%' || aHeader[1] != 'P' || aHeader[2] != 'D' || aHeader[3] != 'F' || aHeader[4] != '-')
+ {
+ SAL_WARN("xmlsecurity.pdfio", "PDFDocument::Read: header mismatch");
+ return false;
+ }
+
+ // Look up the offset of the xref table.
 size_t nStartXRef = FindStartXRef(rStream);
 SAL_INFO("xmlsecurity.pdfio", "PDFDocument::Read: nStartXRef is " << nStartXRef);
 if (nStartXRef == 0)
_______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
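Review bot: The result of `rStream.ReadBytes(aHeader.data(), aHeader.size())` in the new magic check is discarded, so a stream shorter than five bytes is rejected only because `std::vector<sal_Int8> aHeader(5)` happens to value-initialise its elements to zero. Making the short read an explicit failure keeps the check correct if the buffer is ever changed to uninitialised storage, e.g. `if (rStream.ReadBytes(aHeader.data(), aHeader.size()) != aHeader.size() || std::memcmp(aHeader.data(), "%PDF-", 5) != 0)` (this needs `<cstring>`). Because this branch decides whether signature parsing proceeds on a stream that is merely assumed to be PDF, I would also extend the comment to something like `// Format sanity check only: a matching magic does not make the rest of the stream trustworthy.` so that later readers do not treat it as input validation. The body of PDFDocument::Read continues past the end of the hunk, so how the later tokenizer steps handle malformed data is not visible here.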