Improve mutool clean behaviour on broken streams.

When cleaning a file with a corrupt stream in it, historically mupdf
would give up when it encountered such a stream. This is often not
what is desired, as information can be lost.

The changes herein allow us to use our best efforts when reading
a stream, so that broken streams are reproduced in the output
cleaned file.

Problem found in a test file, pdf_001/2599.pdf.asan.58.1778 supplied
by Mateusz "j00ru" Jurczyk and Gynvael Coldwind of the Google
Security Team using Address Sanitizer. Many thanks!

1 files changed, 18 insertions, 2 deletions

diff --git a/fitz/stm_read.c b/fitz/stm_read.c
index 848ceef1..84fd877f 100644
--- a/fitz/stm_read.c
+++ b/fitz/stm_read.c
@@ -92,12 +92,21 @@ fz_fill_buffer(fz_stream *stm)
 fz_buffer *
 fz_read_all(fz_stream *stm, int initial)
 {
+	return fz_read_best(stm, initial, NULL);
+}
+
+fz_buffer *
+fz_read_best(fz_stream *stm, int initial, int *truncated)
+{
 	fz_buffer *buf = NULL;
 	int n;
 	fz_context *ctx = stm->ctx;
 
 	fz_var(buf);
 
+	if (truncated)
+		*truncated = 0;
+
 	fz_try(ctx)
 	{
 		if (initial < 1024)
@@ -124,8 +133,15 @@ fz_read_all(fz_stream *stm, int initial)
 	}
 	fz_catch(ctx)
 	{
-		fz_drop_buffer(ctx, buf);
-		fz_rethrow(ctx);
+		if (truncated)
+		{
+			*truncated = 1;
+		}
+		else
+		{
+			fz_drop_buffer(ctx, buf);
+			fz_rethrow(ctx);
+		}
 	}
 	fz_trim_buffer(ctx, buf);