/src/qpdf/libqpdf/QPDFParser.cc
Line | Count | Source (jump to first uncovered line) |
1 | | #include <qpdf/QPDFParser.hh> |
2 | | |
3 | | #include <qpdf/QPDF.hh> |
4 | | #include <qpdf/QPDFObjGen.hh> |
5 | | #include <qpdf/QPDFObjectHandle.hh> |
6 | | #include <qpdf/QPDFObject_private.hh> |
7 | | #include <qpdf/QPDFTokenizer_private.hh> |
8 | | #include <qpdf/QTC.hh> |
9 | | #include <qpdf/QUtil.hh> |
10 | | |
11 | | #include <memory> |
12 | | |
13 | | using namespace std::literals; |
14 | | using namespace qpdf; |
15 | | |
16 | | using ObjectPtr = std::shared_ptr<QPDFObject>; |
17 | | |
18 | | QPDFObjectHandle |
19 | | QPDFParser::parse(InputSource& input, std::string const& object_description, QPDF* context) |
20 | 14.9k | { |
21 | 14.9k | qpdf::Tokenizer tokenizer; |
22 | 14.9k | bool empty = false; |
23 | 14.9k | return QPDFParser( |
24 | 14.9k | input, |
25 | 14.9k | make_description(input.getName(), object_description), |
26 | 14.9k | object_description, |
27 | 14.9k | tokenizer, |
28 | 14.9k | nullptr, |
29 | 14.9k | context, |
30 | 14.9k | false) |
31 | 14.9k | .parse(empty, false); |
32 | 14.9k | } |
33 | | |
34 | | QPDFObjectHandle |
35 | | QPDFParser::parse_content( |
36 | | InputSource& input, |
37 | | std::shared_ptr<QPDFObject::Description> sp_description, |
38 | | qpdf::Tokenizer& tokenizer, |
39 | | QPDF* context) |
40 | 0 | { |
41 | 0 | bool empty = false; |
42 | 0 | return QPDFParser( |
43 | 0 | input, |
44 | 0 | std::move(sp_description), |
45 | 0 | "content", |
46 | 0 | tokenizer, |
47 | 0 | nullptr, |
48 | 0 | context, |
49 | 0 | true, |
50 | 0 | 0, |
51 | 0 | 0, |
52 | 0 | context && context->reconstructed_xref()) |
53 | 0 | .parse(empty, true); |
54 | 0 | } |
55 | | |
56 | | QPDFObjectHandle |
57 | | QPDFParser::parse( |
58 | | InputSource& input, |
59 | | std::string const& object_description, |
60 | | QPDFTokenizer& tokenizer, |
61 | | bool& empty, |
62 | | QPDFObjectHandle::StringDecrypter* decrypter, |
63 | | QPDF* context) |
64 | 0 | { |
65 | 0 | return QPDFParser( |
66 | 0 | input, |
67 | 0 | make_description(input.getName(), object_description), |
68 | 0 | object_description, |
69 | 0 | *tokenizer.m, |
70 | 0 | decrypter, |
71 | 0 | context, |
72 | 0 | false) |
73 | 0 | .parse(empty, false); |
74 | 0 | } |
75 | | |
76 | | std::pair<QPDFObjectHandle, bool> |
77 | | QPDFParser::parse( |
78 | | InputSource& input, |
79 | | std::string const& object_description, |
80 | | qpdf::Tokenizer& tokenizer, |
81 | | QPDFObjectHandle::StringDecrypter* decrypter, |
82 | | QPDF& context, |
83 | | bool sanity_checks) |
84 | 136k | { |
85 | 136k | bool empty{false}; |
86 | 136k | auto result = QPDFParser( |
87 | 136k | input, |
88 | 136k | make_description(input.getName(), object_description), |
89 | 136k | object_description, |
90 | 136k | tokenizer, |
91 | 136k | decrypter, |
92 | 136k | &context, |
93 | 136k | true, |
94 | 136k | 0, |
95 | 136k | 0, |
96 | 136k | sanity_checks) |
97 | 136k | .parse(empty, false); |
98 | 136k | return {result, empty}; |
99 | 136k | } |
100 | | |
101 | | std::pair<QPDFObjectHandle, bool> |
102 | | QPDFParser::parse( |
103 | | is::OffsetBuffer& input, int stream_id, int obj_id, qpdf::Tokenizer& tokenizer, QPDF& context) |
104 | 42.9k | { |
105 | 42.9k | bool empty{false}; |
106 | 42.9k | auto result = QPDFParser( |
107 | 42.9k | input, |
108 | 42.9k | std::make_shared<QPDFObject::Description>( |
109 | 42.9k | QPDFObject::ObjStreamDescr(stream_id, obj_id)), |
110 | 42.9k | "", |
111 | 42.9k | tokenizer, |
112 | 42.9k | nullptr, |
113 | 42.9k | &context, |
114 | 42.9k | true, |
115 | 42.9k | stream_id, |
116 | 42.9k | obj_id) |
117 | 42.9k | .parse(empty, false); |
118 | 42.9k | return {result, empty}; |
119 | 42.9k | } |
120 | | |
121 | | QPDFObjectHandle |
122 | | QPDFParser::parse(bool& empty, bool content_stream) |
123 | 194k | { |
124 | | // This method must take care not to resolve any objects. Don't check the type of any object |
125 | | // without first ensuring that it is a direct object. Otherwise, doing so may have the side |
126 | | // effect of reading the object and changing the file pointer. If you do this, it will cause a |
127 | | // logic error to be thrown from QPDF::inParse(). |
128 | | |
129 | 194k | QPDF::ParseGuard pg(context); |
130 | 194k | empty = false; |
131 | 194k | start = input.tell(); |
132 | | |
133 | 194k | if (!tokenizer.nextToken(input, object_description)) { |
134 | 1.75k | warn(tokenizer.getErrorMessage()); |
135 | 1.75k | } |
136 | | |
137 | 194k | switch (tokenizer.getType()) { |
138 | 987 | case QPDFTokenizer::tt_eof: |
139 | 987 | if (content_stream) { |
140 | | // In content stream mode, leave object uninitialized to indicate EOF |
141 | 0 | return {}; |
142 | 0 | } |
143 | 987 | QTC::TC("qpdf", "QPDFParser eof in parse"); |
144 | 987 | warn("unexpected EOF"); |
145 | 987 | return {QPDFObject::create<QPDF_Null>()}; |
146 | | |
147 | 1.72k | case QPDFTokenizer::tt_bad: |
148 | 1.72k | QTC::TC("qpdf", "QPDFParser bad token in parse"); |
149 | 1.72k | return {QPDFObject::create<QPDF_Null>()}; |
150 | | |
151 | 265 | case QPDFTokenizer::tt_brace_open: |
152 | 543 | case QPDFTokenizer::tt_brace_close: |
153 | 543 | QTC::TC("qpdf", "QPDFParser bad brace"); |
154 | 543 | warn("treating unexpected brace token as null"); |
155 | 543 | return {QPDFObject::create<QPDF_Null>()}; |
156 | | |
157 | 1.22k | case QPDFTokenizer::tt_array_close: |
158 | 1.22k | QTC::TC("qpdf", "QPDFParser bad array close"); |
159 | 1.22k | warn("treating unexpected array close token as null"); |
160 | 1.22k | return {QPDFObject::create<QPDF_Null>()}; |
161 | | |
162 | 657 | case QPDFTokenizer::tt_dict_close: |
163 | 657 | QTC::TC("qpdf", "QPDFParser bad dictionary close"); |
164 | 657 | warn("unexpected dictionary close token"); |
165 | 657 | return {QPDFObject::create<QPDF_Null>()}; |
166 | | |
167 | 10.3k | case QPDFTokenizer::tt_array_open: |
168 | 145k | case QPDFTokenizer::tt_dict_open: |
169 | 145k | stack.clear(); |
170 | 145k | stack.emplace_back( |
171 | 145k | input, |
172 | 145k | (tokenizer.getType() == QPDFTokenizer::tt_array_open) ? st_array : st_dictionary_key); |
173 | 145k | frame = &stack.back(); |
174 | 145k | return parseRemainder(content_stream); |
175 | | |
176 | 865 | case QPDFTokenizer::tt_bool: |
177 | 865 | return withDescription<QPDF_Bool>(tokenizer.getValue() == "true"); |
178 | | |
179 | 214 | case QPDFTokenizer::tt_null: |
180 | 214 | return {QPDFObject::create<QPDF_Null>()}; |
181 | | |
182 | 14.8k | case QPDFTokenizer::tt_integer: |
183 | 14.8k | return withDescription<QPDF_Integer>(QUtil::string_to_ll(tokenizer.getValue().c_str())); |
184 | | |
185 | 609 | case QPDFTokenizer::tt_real: |
186 | 609 | return withDescription<QPDF_Real>(tokenizer.getValue()); |
187 | | |
188 | 17.6k | case QPDFTokenizer::tt_name: |
189 | 17.6k | return withDescription<QPDF_Name>(tokenizer.getValue()); |
190 | | |
191 | 8.76k | case QPDFTokenizer::tt_word: |
192 | 8.76k | { |
193 | 8.76k | auto const& value = tokenizer.getValue(); |
194 | 8.76k | if (content_stream) { |
195 | 0 | return withDescription<QPDF_Operator>(value); |
196 | 8.76k | } else if (value == "endobj") { |
197 | | // We just saw endobj without having read anything. Treat this as a null and do |
198 | | // not move the input source's offset. |
199 | 646 | input.seek(input.getLastOffset(), SEEK_SET); |
200 | 646 | empty = true; |
201 | 646 | return {QPDFObject::create<QPDF_Null>()}; |
202 | 8.11k | } else { |
203 | 8.11k | QTC::TC("qpdf", "QPDFParser treat word as string"); |
204 | 8.11k | warn("unknown token while reading object; treating as string"); |
205 | 8.11k | return withDescription<QPDF_String>(value); |
206 | 8.11k | } |
207 | 8.76k | } |
208 | | |
209 | 634 | case QPDFTokenizer::tt_string: |
210 | 634 | if (decrypter) { |
211 | 108 | std::string s{tokenizer.getValue()}; |
212 | 108 | decrypter->decryptString(s); |
213 | 108 | return withDescription<QPDF_String>(s); |
214 | 526 | } else { |
215 | 526 | return withDescription<QPDF_String>(tokenizer.getValue()); |
216 | 526 | } |
217 | | |
218 | 0 | default: |
219 | 0 | warn("treating unknown token type as null while reading object"); |
220 | 0 | return {QPDFObject::create<QPDF_Null>()}; |
221 | 194k | } |
222 | 194k | } |
223 | | |
224 | | QPDFObjectHandle |
225 | | QPDFParser::parseRemainder(bool content_stream) |
226 | 145k | { |
227 | | // This method must take care not to resolve any objects. Don't check the type of any object |
228 | | // without first ensuring that it is a direct object. Otherwise, doing so may have the side |
229 | | // effect of reading the object and changing the file pointer. If you do this, it will cause a |
230 | | // logic error to be thrown from QPDF::inParse(). |
231 | | |
232 | 145k | bad_count = 0; |
233 | 145k | bool b_contents = false; |
234 | | |
235 | 11.1M | while (true) { |
236 | 11.1M | if (!tokenizer.nextToken(input, object_description)) { |
237 | 31.3k | warn(tokenizer.getErrorMessage()); |
238 | 31.3k | } |
239 | 11.1M | ++good_count; // optimistically |
240 | | |
241 | 11.1M | if (int_count != 0) { |
242 | | // Special handling of indirect references. Treat integer tokens as part of an indirect |
243 | | // reference until proven otherwise. |
244 | 5.82M | if (tokenizer.getType() == QPDFTokenizer::tt_integer) { |
245 | 5.23M | if (++int_count > 2) { |
246 | | // Process the oldest buffered integer. |
247 | 4.82M | addInt(int_count); |
248 | 4.82M | } |
249 | 5.23M | last_offset_buffer[int_count % 2] = input.getLastOffset(); |
250 | 5.23M | int_buffer[int_count % 2] = QUtil::string_to_ll(tokenizer.getValue().c_str()); |
251 | 5.23M | continue; |
252 | | |
253 | 5.23M | } else if ( |
254 | 584k | int_count >= 2 && tokenizer.getType() == QPDFTokenizer::tt_word && |
255 | 584k | tokenizer.getValue() == "R") { |
256 | 344k | if (context == nullptr) { |
257 | 0 | QTC::TC("qpdf", "QPDFParser indirect without context"); |
258 | 0 | throw std::logic_error( |
259 | 0 | "QPDFParser::parse called without context on an object " |
260 | 0 | "with indirect references"); |
261 | 0 | } |
262 | 344k | auto id = QIntC::to_int(int_buffer[(int_count - 1) % 2]); |
263 | 344k | auto gen = QIntC::to_int(int_buffer[(int_count) % 2]); |
264 | 344k | if (!(id < 1 || gen < 0 || gen >= 65535)) { |
265 | 341k | add(QPDF::ParseGuard::getObject(context, id, gen, parse_pdf)); |
266 | 341k | } else { |
267 | 2.64k | QTC::TC("qpdf", "QPDFParser invalid objgen"); |
268 | 2.64k | addNull(); |
269 | 2.64k | } |
270 | 344k | int_count = 0; |
271 | 344k | continue; |
272 | | |
273 | 344k | } else if (int_count > 0) { |
274 | | // Process the buffered integers before processing the current token. |
275 | 240k | if (int_count > 1) { |
276 | 62.9k | addInt(int_count - 1); |
277 | 62.9k | } |
278 | 240k | addInt(int_count); |
279 | 240k | int_count = 0; |
280 | 240k | } |
281 | 5.82M | } |
282 | | |
283 | 5.56M | switch (tokenizer.getType()) { |
284 | 8.59k | case QPDFTokenizer::tt_eof: |
285 | 8.59k | warn("parse error while reading object"); |
286 | 8.59k | if (content_stream) { |
287 | | // In content stream mode, leave object uninitialized to indicate EOF |
288 | 0 | return {}; |
289 | 0 | } |
290 | 8.59k | QTC::TC("qpdf", "QPDFParser eof in parseRemainder"); |
291 | 8.59k | warn("unexpected EOF"); |
292 | 8.59k | return {QPDFObject::create<QPDF_Null>()}; |
293 | | |
294 | 28.4k | case QPDFTokenizer::tt_bad: |
295 | 28.4k | QTC::TC("qpdf", "QPDFParser bad token in parseRemainder"); |
296 | 28.4k | if (tooManyBadTokens()) { |
297 | 920 | return {QPDFObject::create<QPDF_Null>()}; |
298 | 920 | } |
299 | 27.5k | addNull(); |
300 | 27.5k | continue; |
301 | | |
302 | 1.42k | case QPDFTokenizer::tt_brace_open: |
303 | 3.08k | case QPDFTokenizer::tt_brace_close: |
304 | 3.08k | QTC::TC("qpdf", "QPDFParser bad brace in parseRemainder"); |
305 | 3.08k | warn("treating unexpected brace token as null"); |
306 | 3.08k | if (tooManyBadTokens()) { |
307 | 235 | return {QPDFObject::create<QPDF_Null>()}; |
308 | 235 | } |
309 | 2.85k | addNull(); |
310 | 2.85k | continue; |
311 | | |
312 | 104k | case QPDFTokenizer::tt_array_close: |
313 | 104k | if ((bad_count || sanity_checks) && !max_bad_count) { |
314 | | // Trigger warning. |
315 | 148 | (void)tooManyBadTokens(); |
316 | 148 | return {QPDFObject::create<QPDF_Null>()}; |
317 | 148 | } |
318 | 104k | if (frame->state == st_array) { |
319 | 102k | auto object = frame->null_count > 100 |
320 | 102k | ? QPDFObject::create<QPDF_Array>(std::move(frame->olist), true) |
321 | 102k | : QPDFObject::create<QPDF_Array>(std::move(frame->olist)); |
322 | 102k | setDescription(object, frame->offset - 1); |
323 | | // The `offset` points to the next of "[". Set the rewind offset to point to the |
324 | | // beginning of "[". This has been explicitly tested with whitespace surrounding the |
325 | | // array start delimiter. getLastOffset points to the array end token and therefore |
326 | | // can't be used here. |
327 | 102k | if (stack.size() <= 1) { |
328 | 1.90k | return object; |
329 | 1.90k | } |
330 | 100k | stack.pop_back(); |
331 | 100k | frame = &stack.back(); |
332 | 100k | add(std::move(object)); |
333 | 100k | } else { |
334 | 1.59k | QTC::TC("qpdf", "QPDFParser bad array close in parseRemainder"); |
335 | 1.59k | if (sanity_checks) { |
336 | | // During sanity checks, assume nesting of containers is corrupt and object is |
337 | | // unusable. |
338 | 1.21k | warn("unexpected array close token; giving up on reading object"); |
339 | 1.21k | return {QPDFObject::create<QPDF_Null>()}; |
340 | 1.21k | } |
341 | 378 | warn("treating unexpected array close token as null"); |
342 | 378 | if (tooManyBadTokens()) { |
343 | 45 | return {QPDFObject::create<QPDF_Null>()}; |
344 | 45 | } |
345 | 333 | addNull(); |
346 | 333 | } |
347 | 101k | continue; |
348 | | |
349 | 182k | case QPDFTokenizer::tt_dict_close: |
350 | 182k | if ((bad_count || sanity_checks) && !max_bad_count) { |
351 | | // Trigger warning. |
352 | 191 | (void)tooManyBadTokens(); |
353 | 191 | return {QPDFObject::create<QPDF_Null>()}; |
354 | 191 | } |
355 | 182k | if (frame->state <= st_dictionary_value) { |
356 | | // Attempt to recover more or less gracefully from invalid dictionaries. |
357 | 180k | auto& dict = frame->dict; |
358 | | |
359 | 180k | if (frame->state == st_dictionary_value) { |
360 | 11.2k | QTC::TC("qpdf", "QPDFParser no val for last key"); |
361 | 11.2k | warn( |
362 | 11.2k | frame->offset, |
363 | 11.2k | "dictionary ended prematurely; using null as value for last key"); |
364 | 11.2k | dict[frame->key] = QPDFObject::create<QPDF_Null>(); |
365 | 11.2k | } |
366 | 180k | if (!frame->olist.empty()) { |
367 | 45.7k | if (sanity_checks) { |
368 | 43.6k | warn( |
369 | 43.6k | frame->offset, |
370 | 43.6k | "expected dictionary keys but found non-name objects; ignoring"); |
371 | 43.6k | } else { |
372 | 2.13k | fixMissingKeys(); |
373 | 2.13k | } |
374 | 45.7k | } |
375 | | |
376 | 180k | if (!frame->contents_string.empty() && dict.contains("/Type") && |
377 | 180k | dict["/Type"].isNameAndEquals("/Sig") && dict.contains("/ByteRange") && |
378 | 180k | dict.contains("/Contents") && dict["/Contents"].isString()) { |
379 | 10 | dict["/Contents"] = QPDFObjectHandle::newString(frame->contents_string); |
380 | 10 | dict["/Contents"].setParsedOffset(frame->contents_offset); |
381 | 10 | } |
382 | 180k | auto object = QPDFObject::create<QPDF_Dictionary>(std::move(dict)); |
383 | 180k | setDescription(object, frame->offset - 2); |
384 | | // The `offset` points to the next of "<<". Set the rewind offset to point to the |
385 | | // beginning of "<<". This has been explicitly tested with whitespace surrounding |
386 | | // the dictionary start delimiter. getLastOffset points to the dictionary end token |
387 | | // and therefore can't be used here. |
388 | 180k | if (stack.size() <= 1) { |
389 | 122k | return object; |
390 | 122k | } |
391 | 57.6k | stack.pop_back(); |
392 | 57.6k | frame = &stack.back(); |
393 | 57.6k | add(std::move(object)); |
394 | 57.6k | } else { |
395 | 1.64k | QTC::TC("qpdf", "QPDFParser bad dictionary close in parseRemainder"); |
396 | 1.64k | if (sanity_checks) { |
397 | | // During sanity checks, assume nesting of containers is corrupt and object is |
398 | | // unusable. |
399 | 1.18k | warn("unexpected dictionary close token; giving up on reading object"); |
400 | 1.18k | return {QPDFObject::create<QPDF_Null>()}; |
401 | 1.18k | } |
402 | 463 | warn("unexpected dictionary close token"); |
403 | 463 | if (tooManyBadTokens()) { |
404 | 62 | return {QPDFObject::create<QPDF_Null>()}; |
405 | 62 | } |
406 | 401 | addNull(); |
407 | 401 | } |
408 | 58.0k | continue; |
409 | | |
410 | 185k | case QPDFTokenizer::tt_array_open: |
411 | 275k | case QPDFTokenizer::tt_dict_open: |
412 | 275k | if (stack.size() > 499) { |
413 | 89 | QTC::TC("qpdf", "QPDFParser too deep"); |
414 | 89 | warn("ignoring excessively deeply nested data structure"); |
415 | 89 | return {QPDFObject::create<QPDF_Null>()}; |
416 | 275k | } else { |
417 | 275k | b_contents = false; |
418 | 275k | stack.emplace_back( |
419 | 275k | input, |
420 | 275k | (tokenizer.getType() == QPDFTokenizer::tt_array_open) ? st_array |
421 | 275k | : st_dictionary_key); |
422 | 275k | frame = &stack.back(); |
423 | 275k | continue; |
424 | 275k | } |
425 | | |
426 | 6.66k | case QPDFTokenizer::tt_bool: |
427 | 6.66k | addScalar<QPDF_Bool>(tokenizer.getValue() == "true"); |
428 | 6.66k | continue; |
429 | | |
430 | 82.2k | case QPDFTokenizer::tt_null: |
431 | 82.2k | addNull(); |
432 | 82.2k | continue; |
433 | | |
434 | 585k | case QPDFTokenizer::tt_integer: |
435 | 585k | if (!content_stream) { |
436 | | // Buffer token in case it is part of an indirect reference. |
437 | 585k | last_offset_buffer[1] = input.getLastOffset(); |
438 | 585k | int_buffer[1] = QUtil::string_to_ll(tokenizer.getValue().c_str()); |
439 | 585k | int_count = 1; |
440 | 585k | } else { |
441 | 0 | addScalar<QPDF_Integer>(QUtil::string_to_ll(tokenizer.getValue().c_str())); |
442 | 0 | } |
443 | 585k | continue; |
444 | | |
445 | 70.1k | case QPDFTokenizer::tt_real: |
446 | 70.1k | addScalar<QPDF_Real>(tokenizer.getValue()); |
447 | 70.1k | continue; |
448 | | |
449 | 3.98M | case QPDFTokenizer::tt_name: |
450 | 3.98M | if (frame->state == st_dictionary_key) { |
451 | 793k | frame->key = tokenizer.getValue(); |
452 | 793k | frame->state = st_dictionary_value; |
453 | 793k | b_contents = decrypter && frame->key == "/Contents"; |
454 | 793k | continue; |
455 | 3.18M | } else { |
456 | 3.18M | addScalar<QPDF_Name>(tokenizer.getValue()); |
457 | 3.18M | } |
458 | 3.18M | continue; |
459 | | |
460 | 3.18M | case QPDFTokenizer::tt_word: |
461 | 184k | if (content_stream) { |
462 | 0 | addScalar<QPDF_Operator>(tokenizer.getValue()); |
463 | 0 | continue; |
464 | 0 | } |
465 | | |
466 | 184k | if (sanity_checks) { |
467 | 178k | if (tokenizer.getValue() == "endobj" || tokenizer.getValue() == "endstream") { |
468 | | // During sanity checks, assume an unexpected endobj or endstream indicates that |
469 | | // we are parsing past the end of the object. |
470 | 2.29k | warn( |
471 | 2.29k | "unexpected 'endobj' or 'endstream' while reading object; giving up on " |
472 | 2.29k | "reading object"); |
473 | 2.29k | return {QPDFObject::create<QPDF_Null>()}; |
474 | 2.29k | } |
475 | | |
476 | 176k | warn("unknown token while reading object; treating as null"); |
477 | 176k | if (tooManyBadTokens()) { |
478 | 4.28k | return {QPDFObject::create<QPDF_Null>()}; |
479 | 4.28k | } |
480 | 172k | addNull(); |
481 | 172k | continue; |
482 | 176k | } |
483 | | |
484 | 5.63k | QTC::TC("qpdf", "QPDFParser treat word as string in parseRemainder"); |
485 | 5.63k | warn("unknown token while reading object; treating as string"); |
486 | 5.63k | if (tooManyBadTokens()) { |
487 | 165 | return {QPDFObject::create<QPDF_Null>()}; |
488 | 165 | } |
489 | 5.47k | addScalar<QPDF_String>(tokenizer.getValue()); |
490 | | |
491 | 5.47k | continue; |
492 | | |
493 | 53.7k | case QPDFTokenizer::tt_string: |
494 | 53.7k | { |
495 | 53.7k | auto const& val = tokenizer.getValue(); |
496 | 53.7k | if (decrypter) { |
497 | 11.1k | if (b_contents) { |
498 | 243 | frame->contents_string = val; |
499 | 243 | frame->contents_offset = input.getLastOffset(); |
500 | 243 | b_contents = false; |
501 | 243 | } |
502 | 11.1k | std::string s{val}; |
503 | 11.1k | decrypter->decryptString(s); |
504 | 11.1k | addScalar<QPDF_String>(s); |
505 | 42.6k | } else { |
506 | 42.6k | addScalar<QPDF_String>(val); |
507 | 42.6k | } |
508 | 53.7k | } |
509 | 53.7k | continue; |
510 | | |
511 | 0 | default: |
512 | 0 | warn("treating unknown token type as null while reading object"); |
513 | 0 | if (tooManyBadTokens()) { |
514 | 0 | return {QPDFObject::create<QPDF_Null>()}; |
515 | 0 | } |
516 | 0 | addNull(); |
517 | 5.56M | } |
518 | 5.56M | } |
519 | 145k | } |
520 | | |
521 | | void |
522 | | QPDFParser::add(std::shared_ptr<QPDFObject>&& obj) |
523 | 8.40M | { |
524 | 8.40M | if (frame->state != st_dictionary_value) { |
525 | | // If state is st_dictionary_key then there is a missing key. Push onto olist for |
526 | | // processing once the tt_dict_close token has been found. |
527 | 7.66M | frame->olist.emplace_back(std::move(obj)); |
528 | 7.66M | } else { |
529 | 741k | if (auto res = frame->dict.insert_or_assign(frame->key, std::move(obj)); !res.second) { |
530 | 40.1k | warnDuplicateKey(); |
531 | 40.1k | } |
532 | 741k | frame->state = st_dictionary_key; |
533 | 741k | } |
534 | 8.40M | } |
535 | | |
536 | | void |
537 | | QPDFParser::addNull() |
538 | 287k | { |
539 | 287k | const static ObjectPtr null_obj = QPDFObject::create<QPDF_Null>(); |
540 | | |
541 | 287k | if (frame->state != st_dictionary_value) { |
542 | | // If state is st_dictionary_key then there is a missing key. Push onto olist for |
543 | | // processing once the tt_dict_close token has been found. |
544 | 253k | frame->olist.emplace_back(null_obj); |
545 | 253k | } else { |
546 | 33.2k | if (auto res = frame->dict.insert_or_assign(frame->key, null_obj); !res.second) { |
547 | 2.28k | warnDuplicateKey(); |
548 | 2.28k | } |
549 | 33.2k | frame->state = st_dictionary_key; |
550 | 33.2k | } |
551 | 287k | ++frame->null_count; |
552 | 287k | } |
553 | | |
554 | | void |
555 | | QPDFParser::addInt(int count) |
556 | 5.13M | { |
557 | 5.13M | auto obj = QPDFObject::create<QPDF_Integer>(int_buffer[count % 2]); |
558 | 5.13M | obj->setDescription(context, description, last_offset_buffer[count % 2]); |
559 | 5.13M | add(std::move(obj)); |
560 | 5.13M | } |
561 | | |
562 | | template <typename T, typename... Args> |
563 | | void |
564 | | QPDFParser::addScalar(Args&&... args) |
565 | 3.32M | { |
566 | 3.32M | if ((bad_count || sanity_checks) && |
567 | 3.32M | (frame->olist.size() > 5'000 || frame->dict.size() > 5'000)) { |
568 | | // Stop adding scalars. We are going to abort when the close token or a bad token is |
569 | | // encountered. |
570 | 550k | max_bad_count = 0; |
571 | 550k | return; |
572 | 550k | } |
573 | 2.77M | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); |
574 | 2.77M | obj->setDescription(context, description, input.getLastOffset()); |
575 | 2.77M | add(std::move(obj)); |
576 | 2.77M | } void QPDFParser::addScalar<QPDF_Bool, bool>(bool&&) Line | Count | Source | 565 | 6.66k | { | 566 | 6.66k | if ((bad_count || sanity_checks) && | 567 | 6.66k | (frame->olist.size() > 5'000 || frame->dict.size() > 5'000)) { | 568 | | // Stop adding scalars. We are going to abort when the close token or a bad token is | 569 | | // encountered. | 570 | 223 | max_bad_count = 0; | 571 | 223 | return; | 572 | 223 | } | 573 | 6.44k | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 574 | 6.44k | obj->setDescription(context, description, input.getLastOffset()); | 575 | 6.44k | add(std::move(obj)); | 576 | 6.44k | } |
Unexecuted instantiation: void QPDFParser::addScalar<QPDF_Integer, long long>(long long&&) void QPDFParser::addScalar<QPDF_Real, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) Line | Count | Source | 565 | 70.1k | { | 566 | 70.1k | if ((bad_count || sanity_checks) && | 567 | 70.1k | (frame->olist.size() > 5'000 || frame->dict.size() > 5'000)) { | 568 | | // Stop adding scalars. We are going to abort when the close token or a bad token is | 569 | | // encountered. | 570 | 205 | max_bad_count = 0; | 571 | 205 | return; | 572 | 205 | } | 573 | 69.9k | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 574 | 69.9k | obj->setDescription(context, description, input.getLastOffset()); | 575 | 69.9k | add(std::move(obj)); | 576 | 69.9k | } |
void QPDFParser::addScalar<QPDF_Name, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) Line | Count | Source | 565 | 3.18M | { | 566 | 3.18M | if ((bad_count || sanity_checks) && | 567 | 3.18M | (frame->olist.size() > 5'000 || frame->dict.size() > 5'000)) { | 568 | | // Stop adding scalars. We are going to abort when the close token or a bad token is | 569 | | // encountered. | 570 | 550k | max_bad_count = 0; | 571 | 550k | return; | 572 | 550k | } | 573 | 2.63M | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 574 | 2.63M | obj->setDescription(context, description, input.getLastOffset()); | 575 | 2.63M | add(std::move(obj)); | 576 | 2.63M | } |
Unexecuted instantiation: void QPDFParser::addScalar<QPDF_Operator, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) void QPDFParser::addScalar<QPDF_String, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) Line | Count | Source | 565 | 48.1k | { | 566 | 48.1k | if ((bad_count || sanity_checks) && | 567 | 48.1k | (frame->olist.size() > 5'000 || frame->dict.size() > 5'000)) { | 568 | | // Stop adding scalars. We are going to abort when the close token or a bad token is | 569 | | // encountered. | 570 | 215 | max_bad_count = 0; | 571 | 215 | return; | 572 | 215 | } | 573 | 47.8k | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 574 | 47.8k | obj->setDescription(context, description, input.getLastOffset()); | 575 | 47.8k | add(std::move(obj)); | 576 | 47.8k | } |
void QPDFParser::addScalar<QPDF_String, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&) Line | Count | Source | 565 | 11.1k | { | 566 | 11.1k | if ((bad_count || sanity_checks) && | 567 | 11.1k | (frame->olist.size() > 5'000 || frame->dict.size() > 5'000)) { | 568 | | // Stop adding scalars. We are going to abort when the close token or a bad token is | 569 | | // encountered. | 570 | 71 | max_bad_count = 0; | 571 | 71 | return; | 572 | 71 | } | 573 | 11.0k | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 574 | 11.0k | obj->setDescription(context, description, input.getLastOffset()); | 575 | 11.0k | add(std::move(obj)); | 576 | 11.0k | } |
|
577 | | |
578 | | template <typename T, typename... Args> |
579 | | QPDFObjectHandle |
580 | | QPDFParser::withDescription(Args&&... args) |
581 | 42.2k | { |
582 | 42.2k | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); |
583 | 42.2k | obj->setDescription(context, description, start); |
584 | 42.2k | return {obj}; |
585 | 42.2k | } QPDFObjectHandle QPDFParser::withDescription<QPDF_Bool, bool>(bool&&) Line | Count | Source | 581 | 865 | { | 582 | 865 | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 583 | 865 | obj->setDescription(context, description, start); | 584 | 865 | return {obj}; | 585 | 865 | } |
QPDFObjectHandle QPDFParser::withDescription<QPDF_Integer, long long>(long long&&) Line | Count | Source | 581 | 14.7k | { | 582 | 14.7k | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 583 | 14.7k | obj->setDescription(context, description, start); | 584 | 14.7k | return {obj}; | 585 | 14.7k | } |
QPDFObjectHandle QPDFParser::withDescription<QPDF_Real, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) Line | Count | Source | 581 | 609 | { | 582 | 609 | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 583 | 609 | obj->setDescription(context, description, start); | 584 | 609 | return {obj}; | 585 | 609 | } |
QPDFObjectHandle QPDFParser::withDescription<QPDF_Name, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) Line | Count | Source | 581 | 17.6k | { | 582 | 17.6k | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 583 | 17.6k | obj->setDescription(context, description, start); | 584 | 17.6k | return {obj}; | 585 | 17.6k | } |
Unexecuted instantiation: QPDFObjectHandle QPDFParser::withDescription<QPDF_Operator, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) QPDFObjectHandle QPDFParser::withDescription<QPDF_String, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) Line | Count | Source | 581 | 8.27k | { | 582 | 8.27k | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 583 | 8.27k | obj->setDescription(context, description, start); | 584 | 8.27k | return {obj}; | 585 | 8.27k | } |
QPDFObjectHandle QPDFParser::withDescription<QPDF_String, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&) Line | Count | Source | 581 | 108 | { | 582 | 108 | auto obj = QPDFObject::create<T>(std::forward<Args>(args)...); | 583 | 108 | obj->setDescription(context, description, start); | 584 | 108 | return {obj}; | 585 | 108 | } |
|
586 | | |
587 | | void |
588 | | QPDFParser::setDescription(ObjectPtr& obj, qpdf_offset_t parsed_offset) |
589 | 283k | { |
590 | 283k | if (obj) { |
591 | 283k | obj->setDescription(context, description, parsed_offset); |
592 | 283k | } |
593 | 283k | } |
594 | | |
595 | | void |
596 | | QPDFParser::fixMissingKeys() |
597 | 2.13k | { |
598 | 2.13k | std::set<std::string> names; |
599 | 5.48k | for (auto& obj: frame->olist) { |
600 | 5.48k | if (obj.getObj()->getTypeCode() == ::ot_name) { |
601 | 316 | names.insert(obj.getObj()->getStringValue()); |
602 | 316 | } |
603 | 5.48k | } |
604 | 2.13k | int next_fake_key = 1; |
605 | 5.46k | for (auto const& item: frame->olist) { |
606 | 5.50k | while (true) { |
607 | 5.50k | const std::string key = "/QPDFFake" + std::to_string(next_fake_key++); |
608 | 5.50k | const bool found_fake = !frame->dict.contains(key) && !names.contains(key); |
609 | 5.50k | QTC::TC("qpdf", "QPDFParser found fake", (found_fake ? 0 : 1)); |
610 | 5.50k | if (found_fake) { |
611 | 5.46k | warn( |
612 | 5.46k | frame->offset, |
613 | 5.46k | "expected dictionary key but found non-name object; inserting key " + key); |
614 | 5.46k | frame->dict[key] = item; |
615 | 5.46k | break; |
616 | 5.46k | } |
617 | 5.50k | } |
618 | 5.46k | } |
619 | 2.13k | } |
620 | | |
621 | | bool |
622 | | QPDFParser::tooManyBadTokens() |
623 | 214k | { |
624 | 214k | if (frame->olist.size() > 5'000 || frame->dict.size() > 5'000) { |
625 | 361 | if (bad_count) { |
626 | 296 | warn( |
627 | 296 | "encountered errors while parsing an array or dictionary with more than 5000 " |
628 | 296 | "elements; giving up on reading object"); |
629 | 296 | return true; |
630 | 296 | } |
631 | 65 | warn( |
632 | 65 | "encountered an array or dictionary with more than 5000 elements during xref recovery; " |
633 | 65 | "giving up on reading object"); |
634 | 65 | } |
635 | 213k | if (max_bad_count && --max_bad_count > 0 && good_count > 4) { |
636 | 78.9k | good_count = 0; |
637 | 78.9k | bad_count = 1; |
638 | 78.9k | return false; |
639 | 78.9k | } |
640 | 134k | if (++bad_count > 5 || |
641 | 134k | (frame->state != st_array && QIntC::to_size(max_bad_count) < frame->olist.size())) { |
642 | | // Give up after 5 errors in close proximity or if the number of missing dictionary keys |
643 | | // exceeds the remaining number of allowable total errors. |
644 | 5.60k | warn("too many errors; giving up on reading object"); |
645 | 5.60k | return true; |
646 | 5.60k | } |
647 | 129k | good_count = 0; |
648 | 129k | return false; |
649 | 134k | } |
650 | | |
651 | | void |
652 | | QPDFParser::warn(QPDFExc const& e) const |
653 | 361k | { |
654 | | // If parsing on behalf of a QPDF object and want to give a warning, we can warn through the |
655 | | // object. If parsing for some other reason, such as an explicit creation of an object from a |
656 | | // string, then just throw the exception. |
657 | 361k | if (context) { |
658 | 361k | context->warn(e); |
659 | 361k | } else { |
660 | 0 | throw e; |
661 | 0 | } |
662 | 361k | } |
663 | | |
664 | | void |
665 | | QPDFParser::warnDuplicateKey() |
666 | 42.4k | { |
667 | 42.4k | QTC::TC("qpdf", "QPDFParser duplicate dict key"); |
668 | 42.4k | warn( |
669 | 42.4k | frame->offset, |
670 | 42.4k | "dictionary has duplicated key " + frame->key + "; last occurrence overrides earlier ones"); |
671 | 42.4k | } |
672 | | |
673 | | void |
674 | | QPDFParser::warn(qpdf_offset_t offset, std::string const& msg) const |
675 | 361k | { |
676 | 361k | if (stream_id) { |
677 | 21.1k | std::string descr = "object "s + std::to_string(obj_id) + " 0"; |
678 | 21.1k | std::string name = context->getFilename() + " object stream " + std::to_string(stream_id); |
679 | 21.1k | warn(QPDFExc(qpdf_e_damaged_pdf, name, descr, offset, msg)); |
680 | 340k | } else { |
681 | 340k | warn(QPDFExc(qpdf_e_damaged_pdf, input.getName(), object_description, offset, msg)); |
682 | 340k | } |
683 | 361k | } |
684 | | |
685 | | void |
686 | | QPDFParser::warn(std::string const& msg) const |
687 | 258k | { |
688 | 258k | warn(input.getLastOffset(), msg); |
689 | 258k | } |