Panic when parsing malformed PDF (add with overflow in `pom`)
5225225 opened this issue · 3 comments
5225225 commented
Test case (tested against latest git 53090ad)
fn main() {
let d = b"%PDF-1.5\n\
1 0 obj<</Type/Pages/KD\x02\x00\x005 0 R]/Count 1/Resources 3 0 R/MediaBox[0 0 595 842]>>endobj\n\
2 0 obj<</Type/Font/Subtype/Type1/BaseFont/Courier>>endobj\n\
3 0 obj<</Font<</F1 2 0 R>>>>endobj\n\
4 0 obj<</Length -5>>stream\n\
BT\n\
/F1 48 Tf\n\
100 600 Td\n\
(Hello World!) Tj\n\
ET\n\
endstream endobj\n\
5 0 obj<</Type/Page/Parent 1 0 R/Contents[4 %PDF-%\x00\n\
%\n\
%x\n\
%P0 obj<</Type/Catalog/Pages 1 0 R>>endobj\n\
xref\n\
0 7\n\
0000000000 65535 f \n\
0000000155 00000 n \n\
0000000191 00000 n \n\
000000028100 000 n \n\
0000000338 00000 n \n\
trailer\n\
<</Root 6 0 R/Size 7>>\n\
startxref\n\
381\n\
%%EOF";
let _ = lopdf::Document::load_mem(d);
}Stack trace with debug assertions on
thread 'main' panicked at 'attempt to add with overflow', /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:428:19
stack backtrace:
0: rust_begin_unwind
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/std/src/panicking.rs:498:5
1: core::panicking::panic_fmt
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/panicking.rs:107:14
2: core::panicking::panic
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/panicking.rs:48:5
3: pom::parser::take::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:428:13
4: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
5: <pom::parser::Parser<I,O> as core::ops::arith::Sub<pom::parser::Parser<I,U>>>::sub::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:497:4
6: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
7: <pom::parser::Parser<I,O> as core::ops::arith::Sub<pom::parser::Parser<I,U>>>::sub::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:497:4
8: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
9: pom::parser::Parser<I,O>::map::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:45:4
10: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
11: <pom::parser::Parser<I,O> as core::ops::bit::Shr<F>>::shr::{{closure}}::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:521:54
12: core::result::Result<T,E>::and_then
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/result.rs:966:22
13: <pom::parser::Parser<I,O> as core::ops::bit::Shr<F>>::shr::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:521:4
14: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
15: pom::parser::Parser<I,O>::map::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:45:4
16: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
17: <pom::parser::Parser<I,O> as core::ops::bit::BitOr>::bitor::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:536:11
18: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
19: <pom::parser::Parser<I,O> as core::ops::bit::BitOr>::bitor::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:532:46
20: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
21: <pom::parser::Parser<I,O> as core::ops::arith::Sub<pom::parser::Parser<I,U>>>::sub::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:497:4
22: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
23: <pom::parser::Parser<I,O> as core::ops::arith::Add<pom::parser::Parser<I,U>>>::add::{{closure}}::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:485:5
24: core::result::Result<T,E>::and_then
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/result.rs:966:22
25: <pom::parser::Parser<I,O> as core::ops::arith::Add<pom::parser::Parser<I,U>>>::add::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:484:4
26: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
27: <pom::parser::Parser<I,O> as core::ops::arith::Sub<pom::parser::Parser<I,U>>>::sub::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:497:4
28: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
29: <pom::parser::Parser<I,O> as core::ops::arith::Sub<pom::parser::Parser<I,U>>>::sub::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:497:4
30: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
31: <pom::parser::Parser<I,O> as core::ops::arith::Sub<pom::parser::Parser<I,U>>>::sub::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:497:4
32: <alloc::boxed::Box<F,A> as core::ops::function::Fn<Args>>::call
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/boxed.rs:1708:9
33: pom::parser::Parser<I,O>::parse_at
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/pom-3.2.0/src/parser.rs:33:3
34: lopdf::parser::indirect_object
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/lopdf-0.26.0/src/parser.rs:193:5
35: lopdf::reader::Reader::read_object
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/lopdf-0.26.0/src/reader.rs:239:9
36: lopdf::reader::Reader::read::{{closure}}
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/lopdf-0.26.0/src/reader.rs:130:47
37: core::ops::function::impls::<impl core::ops::function::FnMut<A> for &mut F>::call_mut
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/ops/function.rs:269:13
38: core::iter::traits::iterator::Iterator::find_map::check::{{closure}}
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/iter/traits/iterator.rs:2409:32
39: core::iter::traits::iterator::Iterator::try_fold
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/iter/traits/iterator.rs:1995:21
40: core::iter::traits::iterator::Iterator::find_map
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/iter/traits/iterator.rs:2415:9
41: <core::iter::adapters::filter_map::FilterMap<I,F> as core::iter::traits::iterator::Iterator>::next
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/iter/adapters/filter_map.rs:61:9
42: alloc::vec::Vec<T,A>::extend_desugared
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/vec/mod.rs:2643:35
43: <alloc::vec::Vec<T,A> as alloc::vec::spec_extend::SpecExtend<T,I>>::spec_extend
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/vec/spec_extend.rs:18:9
44: <alloc::vec::Vec<T> as alloc::vec::spec_from_iter_nested::SpecFromIterNested<T,I>>::from_iter
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/vec/spec_from_iter_nested.rs:37:9
45: <alloc::vec::Vec<T> as alloc::vec::spec_from_iter::SpecFromIter<T,I>>::from_iter
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/vec/spec_from_iter.rs:33:9
46: <alloc::vec::Vec<T> as core::iter::traits::collect::FromIterator<T>>::from_iter
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/vec/mod.rs:2546:9
47: core::iter::traits::iterator::Iterator::collect
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/iter/traits/iterator.rs:1745:9
48: <alloc::collections::btree::map::BTreeMap<K,V> as core::iter::traits::collect::FromIterator<(K,V)>>::from_iter
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/alloc/src/collections/btree/map.rs:1939:34
49: core::iter::traits::iterator::Iterator::collect
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/iter/traits/iterator.rs:1745:9
50: lopdf::reader::Reader::read
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/lopdf-0.26.0/src/reader.rs:161:37
51: lopdf::reader::<impl core::convert::TryInto<lopdf::document::Document> for &[u8]>::try_into
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/lopdf-0.26.0/src/reader.rs:57:9
52: lopdf::reader::<impl lopdf::document::Document>::load_mem
at /home/jess/.cargo/registry/src/github.com-1ecc6299db9ec823/lopdf-0.26.0/src/reader.rs:49:9
53: scratchANUPIlSaA::main
at ./main.rs:30:13
54: core::ops::function::FnOnce::call_once
at /rustc/c9c4b5d7276297679387189d96a952f2b760e7ad/library/core/src/ops/function.rs:227:5
It does panic later in the file if stack traces are disabled, on a slice index error. This may be a pom bug and not a bug here.
5225225 commented
You should still return an error in that case, not panic.
load_mem returns a Result, so I'd expect it to never panic, regardless on what the input is.
J-F-Liu commented
Updated