[PDFBOX-4251] Optimize AFMParser - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.8.14, 2.0.10, 3.0.0 PDFBox
Fix Version/s: 1.8.15, 2.0.11, 3.0.0 PDFBox
Component/s: FontBox
Labels:
- CVE-2018-8036

Description

From our private mailinglist reported by tallison@apache.org:

Tobias Ospelt has been working with fuzzing to identify oom/infinite loops. Tobias' attached file triggers a really long running loop which eventually leads to an OOM. It looks like this loop is the problem in AFMParser's readLine():

while(!this.isEOL(nextByte = this.input.read())) {
      buf.append((char)nextByte);
}

CVE-2018-8036

Description: A carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.

Affected versions:
<= 1.8.14
<= 2.0.10

Mitigation: update to a more recent version

Attachments

Activity

People

Assignee:: Andreas Lehmkühler

Reporter:: Andreas Lehmkühler

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 25/Jun/18 17:27

Updated:: 29/Jun/18 06:19

Resolved:: 29/Jun/18 06:16