Sakurai/pdf.js
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ignore reserved commands when parsing operands in CFFParser_parseDict, instead of just rejecting the entire font (bug 1308536)

Browse Source 
According to the CFF specification, see http://partners.adobe.com/public/developer/en/font/5176.CFF.pdf#page=11, certain commands are currently reserved.

Fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1308536.
This commit is contained in:
Jonas Jenwald 2016-10-07 20:51:02 +02:00
parent 9f8d67475e
commit 9dc6463933
5 changed files with 50 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/core/cff_parser.js
View File

@ -349,9 +349,9 @@ var CFFParser = (function CFFParserClosure() {
} else if (value >= 251 && value <= 254) { } else if (value >= 251 && value <= 254) {
return -((value - 251) * 256) - dict[pos++] - 108; return -((value - 251) * 256) - dict[pos++] - 108;
} else { } else {
error('255 is not a valid DICT command'); warn('CFFParser_parseDict: "' + value + '" is a reserved command.');
return NaN;
} }
return -1;
} }
function parseFloatOperand() { function parseFloatOperand() {
@ -1000,19 +1000,22 @@ var CFFDict = (function CFFDictClosure() {
if (!(key in this.keyToNameMap)) { if (!(key in this.keyToNameMap)) {
return false; return false;
} }
var valueLength = value.length;
// ignore empty values // ignore empty values
if (value.length === 0) { if (valueLength === 0) {
return true; return true;
} }
// Ignore invalid values (fixes bug1068432.pdf and bug1308536.pdf).
for (var i = 0; i < valueLength; i++) {
if (isNaN(value[i])) {
warn('Invalid CFFDict value: "' + value + '" for key "' + key + '".');
return true;
}
}
var type = this.types[key]; var type = this.types[key];
// remove the array wrapping these types of values // remove the array wrapping these types of values
if (type === 'num' || type === 'sid' || type === 'offset') { if (type === 'num' || type === 'sid' || type === 'offset') {
value = value[0]; value = value[0];
// Ignore invalid values (fixes bug 1068432).
if (isNaN(value)) {
warn('Invalid CFFDict value: ' + value + ', for key: ' + key + '.');
return true;
}
} }
this.values[key] = value; this.values[key] = value;
return true; return true;

1
test/pdfs/.gitignore vendored
View File

@ -54,6 +54,7 @@
!bug1068432.pdf !bug1068432.pdf
!bug1146106.pdf !bug1146106.pdf
!bug1252420.pdf !bug1252420.pdf
!bug1308536.pdf
!issue5564_reduced.pdf !issue5564_reduced.pdf
!canvas.pdf !canvas.pdf
!bug1132849.pdf !bug1132849.pdf

BIN
test/pdfs/bug1308536.pdf Normal file
View File

Binary file not shown.

7
test/test_manifest.json
View File

@ -784,6 +784,13 @@
"link": false, "link": false,
"type": "load" "type": "load"
}, },
{ "id": "bug1308536",
"file": "pdfs/bug1308536.pdf",
"md5": "cc2258981e33ad8d96acbf87318716d5",
"rounds": 1,
"link": false,
"type": "eq"
},
{ "id": "bug1252420", { "id": "bug1252420",
"file": "pdfs/bug1252420.pdf", "file": "pdfs/bug1252420.pdf",
"md5": "f21c911b9b655972b06ef782a1fa6a17", "md5": "f21c911b9b655972b06ef782a1fa6a17",

35
test/unit/cff_parser_spec.js
View File

@ -1,5 +1,6 @@
/* globals describe, it, expect, beforeAll, afterAll, Stream, CFFParser, /* globals describe, it, expect, beforeAll, afterAll, beforeEach, afterEach,
SEAC_ANALYSIS_ENABLED, CFFIndex, CFFStrings, CFFCompiler */ Stream, CFFParser, SEAC_ANALYSIS_ENABLED, CFFIndex, CFFStrings,
CFFCompiler */
'use strict'; 'use strict';
@ -33,14 +34,22 @@ describe('CFFParser', function() {
fontArr.push(parseInt(hex, 16)); fontArr.push(parseInt(hex, 16));
} }
fontData = new Stream(fontArr); fontData = new Stream(fontArr);
done();
});
afterAll(function () {
fontData = null;
});
beforeEach(function (done) {
parser = new CFFParser(fontData, {}, SEAC_ANALYSIS_ENABLED); parser = new CFFParser(fontData, {}, SEAC_ANALYSIS_ENABLED);
cff = parser.parse(); cff = parser.parse();
done(); done();
}); });
afterAll(function () { afterEach(function (done) {
fontData = parser = cff = null; parser = cff = null;
done();
}); });
it('parses header', function() { it('parses header', function() {
@ -104,6 +113,24 @@ describe('CFFParser', function() {
expect(topDict.getByName('UnderlinePosition')).toEqual(defaultValue); expect(topDict.getByName('UnderlinePosition')).toEqual(defaultValue);
}); });
it('ignores reserved commands in parseDict, and refuses to add privateDict ' +
'keys with invalid values (bug 1308536)', function () {
var bytes = new Uint8Array([
64, 39, 31, 30, 252, 114, 137, 115, 79, 30, 197, 119, 2, 99, 127, 6
]);
parser.bytes = bytes;
var topDict = cff.topDict;
topDict.setByName('Private', [bytes.length, 0]);
var parsePrivateDict = function () {
parser.parsePrivateDict(topDict);
};
expect(parsePrivateDict).not.toThrow();
var privateDict = topDict.privateDict;
expect(privateDict.getByName('BlueValues')).toBeNull();
});
it('parses a CharString having cntrmask', function() { it('parses a CharString having cntrmask', function() {
var bytes = new Uint8Array([0, 1, // count var bytes = new Uint8Array([0, 1, // count
1, // offsetSize 1, // offsetSize