Uploaded image for project: 'PDFBox'
  1. PDFBox
  2. PDFBOX-4338

ArrayIndexOutOfBoundsException in COSParser

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 2.0.12
    • 2.0.13, 3.0.0 PDFBox
    • Parsing
    • None

    Description

      Fuzzing PDF loading with JQF triggered an ArrayIndexOutOfBoundsException.

      java.lang.ArrayIndexOutOfBoundsException: -1
    java.util.ArrayList.elementData(ArrayList.java:422)
    java.util.ArrayList.get(ArrayList.java:435)
    org.apache.pdfbox.cos.COSArray.get(COSArray.java:210)
    org.apache.pdfbox.pdfparser.BaseParser.parseCOSArray(BaseParser.java:638)
    org.apache.pdfbox.pdfparser.BaseParser.parseDirObject(BaseParser.java:874)
    org.apache.pdfbox.pdfparser.BaseParser.parseCOSDictionaryValue(BaseParser.java:152)
    org.apache.pdfbox.pdfparser.BaseParser.parseCOSDictionaryNameValuePair(BaseParser.java:279)
    org.apache.pdfbox.pdfparser.BaseParser.parseCOSDictionary(BaseParser.java:212)
    org.apache.pdfbox.pdfparser.COSParser.retrieveCOSDictionary(COSParser.java:2297)
    org.apache.pdfbox.pdfparser.COSParser.searchForTrailerItems(COSParser.java:2235)
    org.apache.pdfbox.pdfparser.COSParser.rebuildTrailer(COSParser.java:2210)
    org.apache.pdfbox.pdfparser.COSParser.retrieveTrailer(COSParser.java:279)
    org.apache.pdfbox.pdfparser.PDFParser.initialParse(PDFParser.java:171)
    org.apache.pdfbox.pdfparser.PDFParser.parse(PDFParser.java:220)
    org.apache.pdfbox.pdmodel.PDDocument.load(PDDocument.java:1028)
    org.apache.pdfbox.pdmodel.PDDocument.load(PDDocument.java:966)
    ...

      The Code used for fuzzing is

      PDDocument.load(inputStream)

      Attachments

        Activity

          People

            tilman Tilman Hausherr
            rschimpf Robin Schimpf
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: