[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [pdf-devel] LZWEncode Bug Report
From: |
Georg Gottleuber |
Subject: |
Re: [pdf-devel] LZWEncode Bug Report |
Date: |
Wed, 03 Aug 2011 11:43:00 +0200 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.17) Gecko/20110705 Lightning/1.0b2 Lanikai/3.1.10 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello.
On 28.07.2011 14:40, David Stroud wrote:
> The above code, when compressed with rle, flate and ahex (singularly or
> stacked), works with no problems (on adobe reader 8). However, as soon as I
> introduce lzw into it, either on it's own or stacked with one or all the
> others, the exploit doesn't trigger. I tried the code without any whitespace
> as well, but no luck there either.
At the moment I am doing a review of the lzw filter and found a bug that
sometimes causes an additional unspecified 0 byte at the end of the
encoded lzw stream (patch attached).
Maybe this caused your problem (I have not reproduced it). Please send
me the corrupt PDF or encoded lzw-buffer so that I can debug the
decoding process with the same input.
Regards,
Georg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk45GCQACgkQ5sLITM1qIaJxSQCeJNuFWC0mmNh9gONp/LsS072m
QWkAn0KH562195x+d0LrtQ6R9V5rtp1k
=SBmU
-----END PGP SIGNATURE-----
lzw_bugfix_patch
Description: Text document
- Re: [pdf-devel] LZWEncode Bug Report,
Georg Gottleuber <=