pdf-rs/pdf

Attempt to shift left with overflow panic when checking pdf file

Closed this issue · 1 comments

/// Harness used in this report: opens the PDF at `file_path` and walks every page.
///
/// Each page's media box, crop box and resources are requested and the results
/// thrown away, and pages that fail to load are skipped. Only a failure of
/// `open` itself is reported, printed next to the path.
///
/// The `Err` arm only covers errors the library returns. In the backtrace
/// reported with this harness the panic is raised inside `open` (xref-stream
/// parsing), so it bypasses this `match` entirely. A caller feeding untrusted
/// files cannot rely on the `Result` alone to contain a malformed input.
fn check_file(file_path: &str) {
    let file = match FileOptions::cached().open(&file_path) {
        Ok(opened) => opened,
        Err(e) => {
            println!("{}    -     {:?}", file_path, e);
            return;
        }
    };

    for page_no in 0..file.num_pages() {
        if let Ok(page) = file.get_page(page_no) {
            // Values are discarded; the accessors are called only to exercise the parser.
            let _ = page.media_box();
            let _ = page.crop_box();
            let _ = page.resources();
        }
        // The root lookup is repeated on every iteration, whether or not the page loaded.
        let _ = file.get_root();
    }
}
thread 'main' panicked at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/parser/parse_xref.rs:55:19:
attempt to shift left with overflow
stack backtrace:
   0: rust_begin_unwind
             at /rustc/fcaa6fdfbee1316184e7ad98c53241d52cd30a5f/library/std/src/panicking.rs:665:5
   1: core::panicking::panic_fmt
             at /rustc/fcaa6fdfbee1316184e7ad98c53241d52cd30a5f/library/core/src/panicking.rs:74:14
   2: core::panicking::panic_const::panic_const_shl_overflow
             at /rustc/fcaa6fdfbee1316184e7ad98c53241d52cd30a5f/library/core/src/panicking.rs:181:21
   3: pdf::parser::parse_xref::read_u64_from_stream
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/parser/parse_xref.rs:55:19
   4: pdf::parser::parse_xref::parse_xref_section_from_stream
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/parser/parse_xref.rs:32:22
   5: pdf::parser::parse_xref::parse_xref_stream_and_trailer
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/parser/parse_xref.rs:84:26
   6: pdf::parser::parse_xref::read_xref_and_trailer_at
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/parser/parse_xref.rs:136:9
   7: pdf::backend::Backend::read_xref_table_and_trailer
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/backend.rs:62:43
   8: pdf::file::Storage<B,OC,SC,L>::load_storage_and_trailer_password
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/file.rs:157:34
   9: pdf::file::File<B,OC,SC,L>::load_data
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/file.rs:606:23
  10: pdf::file::FileOptions<OC,SC,L>::load
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/file.rs:592:9
  11: pdf::file::FileOptions<OC,SC,L>::open
             at /home/runner/.cargo/git/checkouts/pdf-3ef1c528a9b91eec/b0f40b6/pdf/src/file.rs:582:9
  12: pdf::check_file
             at ./src/crates/pdf/src/main.rs:26:11
  13: pdf::main
             at ./src/crates/pdf/src/main.rs:21:9
  14: core::ops::function::FnOnce::call_once
             at /rustc/fcaa6fdfbee1316184e7ad98c53241d52cd30a5f/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
timeout: the monitored command dumped core

##### Automatic fuzzer note: output status "None", output signal "Some(6)" (signal 6 is SIGABRT on Linux)

compressed.zip

Pretty sure that's the same bug as #229