Bug 435260 - Strange checking for signing bounds
Summary: Strange checking for signing bounds
Status: ASSIGNED
Alias: None
Product: okular
Classification: Applications
Component: general (show other bugs)
Version: 20.12.3
Platform: Other Linux
: NOR normal
Target Milestone: ---
Assignee: Okular developers
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-02 12:04 UTC by Oleg Solovyov
Modified: 2021-04-28 08:57 UTC (History)
3 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:


Attachments
signed PDF (163.53 KB, application/pdf)
2021-04-02 12:04 UTC, Oleg Solovyov
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Oleg Solovyov 2021-04-02 12:04:44 UTC
Created attachment 137267 [details]
signed PDF

SUMMARY
As far as I can see in the code, only byteRange.last() and byteRange.first() are used.

That's strange because of:
$ pdfsig ul-1172651010388-20210402102439.pdf 
Internal Error (0): couldn't find default Firefox Folder
Digital Signature Info of: ul-1172651010388-20210402102439.pdf
[...]
  - Signed Ranges: [0 - 23225], [31227 - 167454]

Signed Ranges becomes in pairs. Thus, when getting signed data, okular will treat the whole PDF file to be signed, which is not the case.

I'm preparing a patch now, which will get this issue solved.
Comment 1 Albert Astals Cid 2021-04-03 09:36:19 UTC
pdfsig is unrelated to okular. Please report this against poppler at https://gitlab.freedesktop.org/poppler/poppler/-/issues
Comment 2 Oleg Solovyov 2021-04-03 09:39:17 UTC
(In reply to Albert Astals Cid from comment #1)
> pdfsig is unrelated to okular. Please report this against poppler at
> https://gitlab.freedesktop.org/poppler/poppler/-/issues

poppler behaviour is correct.
Comment 3 Oleg Solovyov 2021-04-03 09:42:29 UTC
In case I mentioned above, okular will treat [0 - 23225], [31227 - 167454] and [0  - 167454] as the same, which is incorrect. It's the okular bug.
Comment 4 Albert Astals Cid 2021-04-03 09:49:10 UTC
I really don't understand with "will treat [0 - 23225], [31227 - 167454] and [0  - 167454] as the same".

Can you clarify?
Comment 5 Oleg Solovyov 2021-04-04 10:19:23 UTC
(In reply to Albert Astals Cid from comment #4)
> I really don't understand with "will treat [0 - 23225], [31227 - 167454] and
> [0  - 167454] as the same".
> 
> Can you clarify?

In the
Document::requestSignedRevisionData(const Okular::SignatureInfo &info)
{
[...]
const QList<qint64> byteRange = info.signedRangeBounds();
f.seek(byteRange.first());
QByteArray data;
QDataStream stream(&data, QIODevice::WriteOnly);
stream << f.read(byteRange.last() - byteRange.first());
f.close();
[...]
}

When byteRange == (0, 167454) the data from bytes 0-167454 will be returned.
What will happen when byteRange == (0, 23225, 31227, 167454)?
As far as I can see from code, the data from bytes 0-167454 will be returned.
Or, speaking differently, the data from bytes 23226-31226 will be included to byte array we return instead of being skipped because they are not signed and poppler knows about it, formatting signed ranges in pairs for user.
Okular for some reason behaves differently and grabs first and last item from byteRange in assumption that it contains the _one and only_ pair.
Comment 6 Albert Astals Cid 2021-04-07 20:35:25 UTC
I honestly don't see how that is a problem, the gap in the middle of ByteRange is the contents of the signature itself, so why does it matter whether that part is included or not when viewing what was signed?
Comment 7 Oleg Solovyov 2021-04-08 06:16:41 UTC
(In reply to Albert Astals Cid from comment #6)
> I honestly don't see how that is a problem
That definitely doesn't mean that there is no problem.

Will this bug being fixed cause any problems?
Or fixing this bug will be a problem itself?
If answers are "no", I can apply the same "why this is a problem" logic.

> so why does it matter whether that part is included or not when viewing what was signed?

Documentation says:
> Returns the part of document covered by the given signature @p info.
In current implementation uncovered parts are returned when there are gaps.
Hence, there is documentation/behavior mismatch.

PS why you're asking such questions if you certain that there is no matter whether that part is included or not?
Comment 8 Oleg Solovyov 2021-04-26 15:06:41 UTC
ping!
Comment 9 Yuri Chornoivan 2021-04-26 15:14:16 UTC
(In reply to Oleg Solovyov from comment #8)
> ping!

You can propose your patches here:

https://invent.kde.org/graphics/okular
Comment 10 Bug Janitor Service 2021-04-28 08:57:36 UTC
A possibly relevant merge request was started @ https://invent.kde.org/graphics/okular/-/merge_requests/418