[PDFBOX-4360] ArrayIndexOutOfBoundsException in ASCIIHexFilter - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.8.16, 2.0.12
Fix Version/s: 1.8.17, 2.0.13, 3.0.0 PDFBox
Component/s: Parsing
Labels:
None

Description

Fuzzing PDF loading with JQF triggered an ArrayIndexOutOfBoundsException.

java.lang.ArrayIndexOutOfBoundsException: 172
	at org.apache.pdfbox.filter.ASCIIHexFilter.decode(ASCIIHexFilter.java:83)
	at org.apache.pdfbox.filter.Filter.decode(Filter.java:87)
	at org.apache.pdfbox.cos.COSInputStream.create(COSInputStream.java:77)
	at org.apache.pdfbox.cos.COSStream.createInputStream(COSStream.java:175)
	at org.apache.pdfbox.cos.COSStream.createInputStream(COSStream.java:163)
	at org.apache.pdfbox.pdfparser.PDFObjectStreamParser.<init>(PDFObjectStreamParser.java:55)
	at org.apache.pdfbox.pdfparser.COSParser.parseObjectStream(COSParser.java:977)
	at org.apache.pdfbox.pdfparser.COSParser.retrieveCOSDictionary(COSParser.java:2277)
	at org.apache.pdfbox.pdfparser.COSParser.searchForTrailerItems(COSParser.java:2235)
	at org.apache.pdfbox.pdfparser.COSParser.rebuildTrailer(COSParser.java:2216)
	at org.apache.pdfbox.pdfparser.COSParser.retrieveTrailer(COSParser.java:279)
	at org.apache.pdfbox.pdfparser.PDFParser.initialParse(PDFParser.java:171)
	at org.apache.pdfbox.pdfparser.PDFParser.parse(PDFParser.java:220)
	at org.apache.pdfbox.pdmodel.PDDocument.load(PDDocument.java:1160)
	at org.apache.pdfbox.pdmodel.PDDocument.load(PDDocument.java:1057)
    ...

The Code used for fuzzing is

PDDocument.load(inputStream)

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ArrayIndexOutOfBoundsException ASCIIHexFilter#decode
25/Oct/18 16:54
10 kB
Robin Schimpf

Activity

People

Assignee:: Tilman Hausherr

Reporter:: Robin Schimpf

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 25/Oct/18 16:54

Updated:: 02/Dec/18 17:06

Resolved:: 26/Oct/18 16:20