[Pkg-javascript-commits] [pdf.js] 64/115: Ensure that `Lexer_getName` does not fail if a `Name` contains in invalid usage of the NUMBER SIGN (#) (issue 6692)

[David Prévot]

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository pdf.js.

commit 995e1a45b869982e1b4cc7e76a1a84532c88a3d3
Author: Jonas Jenwald <jonas.jenwald at gmail.com>
Date:   Thu Nov 26 13:27:12 2015 +0100

    Ensure that `Lexer_getName` does not fail if a `Name` contains in invalid usage of the NUMBER SIGN (#) (issue 6692)
    
    *This is a regression from PR 3424.*
    
    The PDF file in the referenced issue is using `Type3` fonts. In one of those, the `/CharProcs` dictionary contains an entry with the name `/#`. Before the changes to `Lexer_getName` in PR 3424, we were allowing certain invalid `Name` patterns containing the NUMBER SIGN (#).
    
    It's unfortunate that this has been broken for close to two and a half years before the bug surfaced, but it should at least indicate that this is not a widespread issue.
    
    Fixes 6692.
---
 src/core/parser.js           | 21 ++++++++++++++++++---
 test/pdfs/issue6692.pdf.link |  1 +
 test/test_manifest.json      |  9 +++++++++
 test/unit/parser_spec.js     | 15 ++++++++++++++-
 4 files changed, 42 insertions(+), 4 deletions(-)

diff --git a/src/core/parser.js b/src/core/parser.js
index f36202e..e43fe09 100644
--- a/src/core/parser.js
+++ b/src/core/parser.js
@@ -832,17 +832,32 @@ var Lexer = (function LexerClosure() {
       return strBuf.join('');
     },
     getName: function Lexer_getName() {
-      var ch;
+      var ch, previousCh;
       var strBuf = this.strBuf;
       strBuf.length = 0;
       while ((ch = this.nextChar()) >= 0 && !specialChars[ch]) {
         if (ch === 0x23) { // '#'
           ch = this.nextChar();
+          if (specialChars[ch]) {
+            warn('Lexer_getName: ' +
+                 'NUMBER SIGN (#) should be followed by a hexadecimal number.');
+            strBuf.push('#');
+            break;
+          }
           var x = toHexDigit(ch);
           if (x !== -1) {
-            var x2 = toHexDigit(this.nextChar());
+            previousCh = ch;
+            ch = this.nextChar();
+            var x2 = toHexDigit(ch);
             if (x2 === -1) {
-              error('Illegal digit in hex char in name: ' + x2);
+              warn('Lexer_getName: Illegal digit (' +
+                   String.fromCharCode(ch) +') in hexadecimal number.');
+              strBuf.push('#', String.fromCharCode(previousCh));
+              if (specialChars[ch]) {
+                break;
+              }
+              strBuf.push(String.fromCharCode(ch));
+              continue;
             }
             strBuf.push(String.fromCharCode((x << 4) | x2));
           } else {
diff --git a/test/pdfs/issue6692.pdf.link b/test/pdfs/issue6692.pdf.link
new file mode 100644
index 0000000..7b40615
--- /dev/null
+++ b/test/pdfs/issue6692.pdf.link
@@ -0,0 +1 @@
+http://web.archive.org/web/20151126121615/http://www.inf.ufg.br/~hugoribeiro/OSPs/osp-im.pdf
diff --git a/test/test_manifest.json b/test/test_manifest.json
index 178e2f0..054faf0 100644
--- a/test/test_manifest.json
+++ b/test/test_manifest.json
@@ -817,6 +817,15 @@
        "rounds": 1,
        "type": "eq"
     },
+    {  "id": "issue6692",
+       "file": "pdfs/issue6692.pdf",
+       "md5": "ba078e0ddd59cda4b6c51ea10599f49a",
+       "link": true,
+       "rounds": 1,
+       "firstPage": 11,
+       "lastPage": 11,
+       "type": "eq"
+    },
     {  "id": "devicen",
        "file": "pdfs/devicen.pdf",
        "md5": "aac6a91725435d1376c6ff492dc5cb75",
diff --git a/test/unit/parser_spec.js b/test/unit/parser_spec.js
index d052391..8f4ac78 100644
--- a/test/unit/parser_spec.js
+++ b/test/unit/parser_spec.js
@@ -1,4 +1,4 @@
-/* globals expect, it, describe, StringStream, Lexer, Linearization */
+/* globals expect, it, describe, StringStream, Lexer, Name, Linearization */
 
 'use strict';
 
@@ -77,6 +77,19 @@ describe('parser', function() {
 
       expect(result).toEqual('ABCD');
     });
+
+    it('should handle Names with invalid usage of NUMBER SIGN (#)', function() {
+      var inputNames = ['/# 680 0 R', '/#AQwerty', '/#A<</B'];
+      var expectedNames = ['#', '#AQwerty', '#A'];
+
+      for (var i = 0, ii = inputNames.length; i < ii; i++) {
+        var input = new StringStream(inputNames[i]);
+        var lexer = new Lexer(input);
+        var result = lexer.getName();
+
+        expect(result).toEqual(Name.get(expectedNames[i]));
+      }
+    });
   });
 
   describe('Linearization', function() {

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-javascript/pdf.js.git