> > > When trying to load the used pdfs there, nearly all of them produced some > loading errors (which is fine, I guess). But four of them could be loaded, > so I could check them against my own signature validation code. Sadly, my > code did not find any signature fields for two of the four documents. > When debugging this and stepping through the podofo code, I learned that > there is some issue when reading the xref table. As it turned out, the > forged pdf did not respect the fixed xref entry size of 20 characters, but > used only a LF were CR+LF is needed. See: > > https://www.pdf-insecurity.org/download/exploits/20_Soda_PDF_Desktop/siwa.pdf >
I checked this file and all 3 xref tables has CR+LF. >
_______________________________________________ Podofo-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/podofo-users
