From a531c98cd2bdc53e62011b9836f34aea41975c55 Mon Sep 17 00:00:00 2001 From: Jonas Jenwald Date: Mon, 14 Sep 2020 13:21:55 +0200 Subject: [PATCH 1/2] Ensure that the empty dictionary won't be accidentally modified Currently there's nothing that prevents modification of the `Dict.empty` primitive, which obviously needs to be *truly* empty to prevent any future (hard to find) bugs. --- src/core/primitives.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/core/primitives.js b/src/core/primitives.js index 39eddf984..a1e83b165 100644 --- a/src/core/primitives.js +++ b/src/core/primitives.js @@ -171,7 +171,14 @@ var Dict = (function DictClosure() { }, }; - Dict.empty = new Dict(null); + Dict.empty = (function () { + const emptyDict = new Dict(null); + + emptyDict.set = (key, value) => { + unreachable("Should not call `set` on the empty dictionary."); + }; + return emptyDict; + })(); Dict.merge = function ({ xref, dictArray, mergeSubDicts = false }) { const mergedDict = new Dict(xref); From ed4e7cd8a495e092add73ef168ec7ed74ea4bdea Mon Sep 17 00:00:00 2001 From: Jonas Jenwald Date: Mon, 14 Sep 2020 13:31:33 +0200 Subject: [PATCH 2/2] A couple of small improvements in the "SaveDocument" handler in `src/core/worker.js` - Check that the "Info"-entry, in the XRef-trailer, is actually a dictionary before accessing it. This is similar to the `PDFDocument.documentInfo` method and follows the general principal of validating data carefully before accessing it, given how often PDF-software may create corrupt PDF files. - Slightly simplify the "XFA"-lookup, since there's no point in trying to fetch something from the empty dictionary. --- src/core/worker.js | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/core/worker.js b/src/core/worker.js index 4fdd44e92..bd6257de0 100644 --- a/src/core/worker.js +++ b/src/core/worker.js @@ -32,7 +32,7 @@ import { VerbosityLevel, warn, } from "../shared/util.js"; -import { clearPrimitiveCaches, Dict, isDict, Ref } from "./primitives.js"; +import { clearPrimitiveCaches, Dict, Ref } from "./primitives.js"; import { LocalPdfManager, NetworkPdfManager } from "./pdf_manager.js"; import { incrementalUpdate } from "./writer.js"; import { isNodeJS } from "../shared/is_node.js"; @@ -548,8 +548,7 @@ class WorkerMessageHandler { return stream.bytes; } - acroForm = isDict(acroForm) ? acroForm : Dict.empty; - const xfa = acroForm.get("XFA") || []; + const xfa = (acroForm instanceof Dict && acroForm.get("XFA")) || []; let xfaDatasets = null; if (Array.isArray(xfa)) { for (let i = 0, ii = xfa.length; i < ii; i += 2) { @@ -568,7 +567,7 @@ class WorkerMessageHandler { // Get string info from Info in order to compute fileId const _info = Object.create(null); const xrefInfo = xref.trailer.get("Info") || null; - if (xrefInfo) { + if (xrefInfo instanceof Dict) { xrefInfo.forEach((key, value) => { if (isString(key) && isString(value)) { _info[key] = stringToPDFString(value);