Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
2.0.12
-
None
-
None
Description
Fuzzing PDF loading with JQF triggered an IndexOutOfBoundsException.
java.lang.IndexOutOfBoundsException
at java.io.PushbackInputStream.read(PushbackInputStream.java:170)
at org.apache.pdfbox.pdfparser.InputStreamSource.read(InputStreamSource.java:62)
at org.apache.pdfbox.pdfparser.InputStreamSource.readFully(InputStreamSource.java:113)
at org.apache.pdfbox.pdfparser.BaseParser.parseDirObject(BaseParser.java:907)
at org.apache.pdfbox.pdfparser.BaseParser.parseCOSArray(BaseParser.java:631)
at org.apache.pdfbox.pdfparser.BaseParser.parseDirObject(BaseParser.java:874)
at org.apache.pdfbox.pdfparser.PDFObjectStreamParser.parse(PDFObjectStreamParser.java:84)
at org.apache.pdfbox.pdfparser.COSParser.parseObjectStream(COSParser.java:994)
at org.apache.pdfbox.pdfparser.COSParser.retrieveCOSDictionary(COSParser.java:2277)
at org.apache.pdfbox.pdfparser.COSParser.searchForTrailerItems(COSParser.java:2235)
at org.apache.pdfbox.pdfparser.COSParser.rebuildTrailer(COSParser.java:2216)
at org.apache.pdfbox.pdfparser.COSParser.retrieveTrailer(COSParser.java:279)
at org.apache.pdfbox.pdfparser.PDFParser.initialParse(PDFParser.java:171)
at org.apache.pdfbox.pdfparser.PDFParser.parse(PDFParser.java:220)
at org.apache.pdfbox.pdmodel.PDDocument.load(PDDocument.java:1160)
at org.apache.pdfbox.pdmodel.PDDocument.load(PDDocument.java:1057)
...
The Code used for fuzzing is
PDDocument.load(inputStream)