From 29af15f37e364701289fe9f0cfe17872264524b3 Mon Sep 17 00:00:00 2001
From: Jonas Jenwald <jonas.jenwald@gmail.com>
Date: Fri, 16 Oct 2020 12:57:01 +0200
Subject: [PATCH] Add more validation in the
 `PDFDocument._hasOnlyDocumentSignatures` method

If this method is ever passed invalid/unexpected data, or if during the course of parsing (since it's used recursively) such data is found, it will fail in a non-graceful way.
Hence this patch, which ensures that we don't attempt to access non-existent properties and also that errors such as the one fixed in PR 12479 wouldn't have occured.
---
 src/core/document.js | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/core/document.js b/src/core/document.js
index 8702ec21d..ca5030402 100644
--- a/src/core/document.js
+++ b/src/core/document.js
@@ -687,8 +687,15 @@ class PDFDocument {
    */
   _hasOnlyDocumentSignatures(fields, recursionDepth = 0) {
     const RECURSION_LIMIT = 10;
+
+    if (!Array.isArray(fields)) {
+      return false;
+    }
     return fields.every(field => {
       field = this.xref.fetchIfRef(field);
+      if (!(field instanceof Dict)) {
+        return false;
+      }
       if (field.has("Kids")) {
         if (++recursionDepth > RECURSION_LIMIT) {
           warn("_hasOnlyDocumentSignatures: maximum recursion depth reached");
@@ -937,6 +944,9 @@ class PDFDocument {
       : clearPrimitiveCaches();
   }
 
+  /**
+   * @private
+   */
   _collectFieldObjects(name, fieldRef, promises) {
     const field = this.xref.fetchIfRef(fieldRef);
     if (field.has("T")) {