What steps will reproduce the problem?
1. Run pdf2ruby on malicious pdf that uses /Colors <int> where <int> is > then
4
What is the expected output? What do you see instead?
Since this library and associated binaries are tailored to working with
malicious pdfs it would be nice if pdf2ruby would be able to process such files
instead I get:
$ pdf2ruby adobe_flatedecode_predictor02-exploit.pdf[*] Loading document
'adobe_flatedecode_predictor02-exploit.pdf'
[*] Document successfully loaded into Origami
[*] Retrieving all indirect objects...
[*] Retrieving the document Catalog...
[*] Processing the object hierarchy...
origami-1.2.3/lib/origami/stream.rb:367:in `rescue in decode_data': Error while
decoding stream 7 0 R (Origami::InvalidStreamObjectError)
-> [Origami::Filter::PredictorError] Colors must be between 1 and 4
What version of the product are you using? On what operating system?
origami-1.2.3, ubuntu linux, ruby-1.9.2-p0 via rvm
Please provide any additional information below.
Consider the following attachment as an example which is a exploit generated by
the metasploit adobe_flatedecode_predictor02 (with flate and encoding
disabled). Object 7 triggers the CVE 2009-3459 with an integer overflow
(/Colors 1073741838 which is invalid as per the pdf specification).
Also I am really impressed with this gem! Thanks for all the work!
Original issue reported on code.google.com by Dennison...@gmail.com on 20 Dec 2011 at 10:22
Original issue reported on code.google.com by
Dennison...@gmail.comon 20 Dec 2011 at 10:22Attachments: