diff options
Diffstat (limited to 'core/fpdfapi/parser/cpdf_security_handler.cpp')
| -rw-r--r-- | core/fpdfapi/parser/cpdf_security_handler.cpp | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/core/fpdfapi/parser/cpdf_security_handler.cpp b/core/fpdfapi/parser/cpdf_security_handler.cpp index 5476b5485e..61834fca13 100644 --- a/core/fpdfapi/parser/cpdf_security_handler.cpp +++ b/core/fpdfapi/parser/cpdf_security_handler.cpp @@ -386,10 +386,11 @@ bool CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password, if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) return false; - bool encrypted = IsMetadataEncrypted(); - if ((buf[8] == 'T' && !encrypted) || (buf[8] == 'F' && encrypted)) - return false; - return true; + // Relax this check as there appear to be some non-conforming documents + // in the wild. The value in the buffer is the truth; if it requires us + // to encrypt metadata, but the dictionary says otherwise, then we may + // have a tampered doc. Otherwise, give it a pass. + return buf[8] == 'F' || IsMetadataEncrypted(); } bool CPDF_SecurityHandler::CheckPassword(const uint8_t* password, |