Disallow non-ASCII keys in dicts when parsing with CPDF_SyntaxParser.
- Update a test PDF used in an embedder test with a non-ASCII key.
- Add a CHECK() to CPDF_Dictionary::SetFor() to flush out other cases.
Change-Id: I3a3b98e319e65713c6d569003525998cae3d1dd8
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/82870
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
diff --git a/core/fpdfapi/parser/cpdf_dictionary.cpp b/core/fpdfapi/parser/cpdf_dictionary.cpp
index 2f77a60..daeb765 100644
--- a/core/fpdfapi/parser/cpdf_dictionary.cpp
+++ b/core/fpdfapi/parser/cpdf_dictionary.cpp
@@ -211,6 +211,7 @@
CPDF_Object* CPDF_Dictionary::SetFor(const ByteString& key,
RetainPtr<CPDF_Object> pObj) {
CHECK(!key.IsEmpty());
+ CHECK(key.AsStringView().IsASCII());
CHECK(!IsLocked());
if (!pObj) {
m_Map.erase(key);
diff --git a/core/fpdfapi/parser/cpdf_syntax_parser.cpp b/core/fpdfapi/parser/cpdf_syntax_parser.cpp
index 47f4f1a..2560e98 100644
--- a/core/fpdfapi/parser/cpdf_syntax_parser.cpp
+++ b/core/fpdfapi/parser/cpdf_syntax_parser.cpp
@@ -592,7 +592,9 @@
// `key` has to be "/X" at the minimum.
if (key.GetLength() > 1) {
ByteString key_no_slash(key.raw_str() + 1, key.GetLength() - 1);
- pDict->SetFor(key_no_slash, std::move(pObj));
+ // `key_no_slash` must be ASCII, per PDF 32000 standard, section 7.2.1.
+ if (key_no_slash.AsStringView().IsASCII())
+ pDict->SetFor(key_no_slash, std::move(pObj));
}
}
diff --git a/testing/resources/bad_dict_keys.in b/testing/resources/bad_dict_keys.in
index 3f53c28..9eb648b 100644
--- a/testing/resources/bad_dict_keys.in
+++ b/testing/resources/bad_dict_keys.in
@@ -10,6 +10,7 @@
/Count 1
/Kids [3 0 R]
/ [3 0 R]
+ /#80 [3 0 R]
>>
endobj
{{object 3 0}} <<
diff --git a/testing/resources/bad_dict_keys.pdf b/testing/resources/bad_dict_keys.pdf
index b55c434..9ab931c 100644
--- a/testing/resources/bad_dict_keys.pdf
+++ b/testing/resources/bad_dict_keys.pdf
@@ -11,6 +11,7 @@
/Count 1
/Kids [3 0 R]
/ [3 0 R]
+ /#80 [3 0 R]
>>
endobj
3 0 obj <<
@@ -23,11 +24,11 @@
0000000000 65535 f
0000000015 00000 n
0000000068 00000 n
-0000000169 00000 n
+0000000184 00000 n
trailer <<
/Root 1 0 R
/Size 4
>>
startxref
-220
+235
%%EOF