[Dev-luatex] Bug in pdf/pdftables.w

Lars Hamren lh at sdu.se
Sun Sep 11 18:39:44 CEST 2016


Hi,

Those who enjoy such things can try to find the bug in this code, which
happes to have for quite some time:

     int pdf_create_obj(PDF pdf, int t, int i)
     {
         int a;
         char *ss = NULL;
         if (pdf->obj_ptr == sup_obj_tab_size)
             overflow("indirect objects table size", (unsigned) pdf->obj_tab_size);
         if (pdf->obj_ptr == pdf->obj_tab_size) {
             a = pdf->obj_tab_size / 5;
             if (pdf->obj_tab_size < sup_obj_tab_size - a)
                 pdf->obj_tab_size = pdf->obj_tab_size + a;
             else
                 pdf->obj_tab_size = sup_obj_tab_size;
             pdf->obj_tab = xreallocarray(pdf->obj_tab, obj_entry, (unsigned) pdf->obj_tab_size);
         }
         pdf->obj_ptr++;
         obj_info(pdf, pdf->obj_ptr) = i;
         obj_type(pdf, pdf->obj_ptr) = t;

It is both simple and potentially fatal.

Answer in my next post.

/Lars
-------------------------------------------------------------------
Lars Hamrén              WWW...: www.sdu.se
Vadmöllan 211            Mobile: +46(705)189090
S-225 94 Lund
Sweden


More information about the dev-luatex mailing list