Bug 416653 - PDF Deflate bombs may cause crashes or resource exhaustion
Summary: PDF Deflate bombs may cause crashes or resource exhaustion
Status: RESOLVED UPSTREAM
Alias: None
Product: okular
Classification: Applications
Component: PDF backend (show other bugs)
Version: 1.3.3
Platform: Other Linux
: NOR normal
Target Milestone: ---
Assignee: Okular developers
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-01-23 16:38 UTC by Jens Mueller
Modified: 2022-11-14 12:40 UTC (History)
3 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Trivial PDF deflate bomb (01) (16.73 KB, application/gzip)
2020-01-23 16:38 UTC, Jens Mueller 		Details
Trivial PDF deflate bomb (02) (61.16 KB, application/gzip)
2020-01-23 16:39 UTC, Jens Mueller 		Details
Trivial PDF deflate bomb (03) (303.98 KB, application/gzip)
2020-01-23 16:39 UTC, Jens Mueller 		Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Jens Mueller 2020-01-23 16:38:10 UTC 
Streams in PDF files can be compressed, which may result in "deflate bombs" if not handled by the PDF processing application. Find attached three simple PDF compression bombs (10MB on disk to 10GB in memory). Note the compressed stream can be used multiple times in a single PDF document. The PDF files have been gzipped as a precaution mechanism, in order to prevent DoS when accidentally previewing them (gunzip them before the actual testing). Maybe resource limitations should be enforced by Okular / Poppler?
Comment 1 Jens Mueller 2020-01-23 16:38:51 UTC 
Created attachment 125332 [details]
Trivial PDF deflate bomb (01)
Comment 2 Jens Mueller 2020-01-23 16:39:43 UTC 
Created attachment 125333 [details]
Trivial PDF deflate bomb (02)
Comment 3 Jens Mueller 2020-01-23 16:39:57 UTC 
Created attachment 125334 [details]
Trivial PDF deflate bomb (03)
Comment 4 Albert Astals Cid 2020-01-23 23:02:55 UTC 
Okular doesn't do any pdf parsing.

Please report upstream at poppler.
Comment 5 Jens Mueller 2020-01-24 17:17:42 UTC 
I opened an issue for Poppler: https://gitlab.freedesktop.org/poppler/poppler/issues/878
If it's handled there, things should be fine.