File: 0011-CVE-2021-37819.patch

libitext5-java 5.5.13.4-2
  • area: main
  • in suites: forky, sid
  • size: 184,060 kB
  • sloc: xml: 255,758; java: 151,548; javascript: 2,252; makefile: 7
file content (19 lines) | stat: -rw-r--r-- 998 bytes
Description: CVE-2021-37819 infinite loop during PDF page traversal
Origin: https://gitlab.com/pdftk-java/pdftk/-/merge_requests/21/commits
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059320

--- a/itext/src/main/java/com/itextpdf/text/pdf/PdfReader.java
+++ b/itext/src/main/java/com/itextpdf/text/pdf/PdfReader.java
@@ -3991,6 +3991,12 @@
                             kidsPR.remove(k);
                         break;
                     }
+                    int rpageObjectNumber = rpage.getNumber();
+                    PRIndirectReference kidObjIndirectRef = (PRIndirectReference)obj;
+                    int kidObjectNumber = kidObjIndirectRef.getNumber();
+                    if (rpageObjectNumber == kidObjectNumber) {
+                        throw new InvalidPdfException("Invalid reference on Kids: " + kidObjectNumber);
+                    }
                     iteratePages((PRIndirectReference)obj);
                 }
                 popPageAttributes();
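
Review bot: the comparison `rpageObjectNumber == kidObjectNumber` only rejects a Kids entry that points straight back at rpage, so a loop that passes through an intermediate node (a kid whose own Kids entry refers to a node further up the tree) would pass this check and still reach the `iteratePages((PRIndirectReference)obj)` call. Consider carrying a set of object numbers already visited on the current path and throwing InvalidPdfException when a kid is already in it. The check also compares object numbers only, so it is worth stating in a comment whether the generation number is intentionally ignored. Minor: the new kidObjIndirectRef can be passed to iteratePages instead of casting obj a second time.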