1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
From: Scott Kitterman <scott@kitterman.com>
Date: Mon, 15 Jan 2024 11:34:11 -0500
Subject: Prevent infinite loop when no character follows after a comment
https://security-tracker.debian.org/tracker/CVE-2023-36464
---
pypdf/generic/_data_structures.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pypdf/generic/_data_structures.py b/pypdf/generic/_data_structures.py
index bb2e028..524d4e0 100644
--- a/pypdf/generic/_data_structures.py
+++ b/pypdf/generic/_data_structures.py
@@ -979,7 +979,7 @@ class ContentStream(DecodedStreamObject):
# encountering a comment -- but read_object assumes that
# following the comment must be the object we're trying to
# read. In this case, it could be an operator instead.
- while peek not in (b"\r", b"\n"):
+ while peek not in (b"\r", b"\n", b""):
peek = stream.read(1)
else:
operands.append(read_object(stream, None, self.forced_encoding))
|
