From dac6ec31abd2a4e19f1bee26b95bcbb508522bf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20B=C3=BCnzli?= Date: Fri, 15 Aug 2014 13:35:43 +0200 Subject: try not to wrongly overwrite /ID when repairing encrypted documents If garbage is appended to an encrypted document, there could be another trailer with /ID but without /Encrypt . The repairing code currently always uses the last encountered values, but replacing the /ID value alone can cause decryption to break. One possible solution is to use the /ID value only when there's either none yet, when there's no /Encrypt or when there's a matching /Encrypt in the same trailer. See https://code.google.com/p/sumatrapdf/issues/detail?id=2697 for a document which Adobe Reader is able to read but MuPDF isn't (it used to before pdf_lex_no_string was introduced, but that's accidental). --- source/pdf/pdf-repair.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source/pdf') diff --git a/source/pdf/pdf-repair.c b/source/pdf/pdf-repair.c index e7449de8..1193a45c 100644 --- a/source/pdf/pdf-repair.c +++ b/source/pdf/pdf-repair.c @@ -413,7 +413,7 @@ pdf_repair_xref(pdf_document *doc, pdf_lexbuf *buf) } obj = pdf_dict_gets(dict, "ID"); - if (obj) + if (obj && (!id || !encrypt || pdf_dict_gets(dict, "Encrypt"))) { pdf_drop_obj(id); id = pdf_keep_obj(obj); -- cgit v1.2.3