Will hang on invalid PDFs

[wolever]

Doing some testing, I noticed that PyPDF2 will hang if it encounters an invalid PDF… for example, the skipOverComment function:

def skipOverComment(stream):
    tok = stream.read(1)
    stream.seek(-1, 1)
    if tok == b_('%'):
        while tok not in (b_('\n'), b_('\r')):
            tok = stream.read(1)

Will hang indefinitely.

I would propose three courses of action:

1. Wrap the stream in a method which will raise an exception after a certain number of empty reads; ex:

class SafeStream(object):
    def __init__(self, stream):
        self.stream = stream
        self.seek = stream.seek
        self.tell = stream.tell
        self._empty_reads = 0

    def read(self, *args):
        res = self.stream.read(*args)
        if res == "":
             self._empty_reads += 1
             if self._empty_reads > 1000:
                 raise Exception("too many empty reads")
        else:
             self._empty_reads = 0
        return res

2. Add a script for automating fuzz testing to the repo

3. Fix the bugs as the script from step (2) finds them

What do you think? Would you be open to patches for those?

[mstamy2]

Certainly we would be open to such patches. PyPDF2 will often hang on unexpected input (such as variations in syntax), where it should instead throw a proper exception and/or handle the data in the best way possible.

Your proposed plan would definitely help to improve PyPDF2.

[wolever]

:D awesome.

I've got a bit of a crunch at work coming up, but I'll take a look afterwards.

[whitemice]

I usually wrap processing of a document with PyPDF into some type of timer.

class TimeOutAlarm(Exception):
    pass

def timeout_alarm_handler(signum, frame):
    raise TimeOutAlarm

class RotationTimeOutException(Exception):
    pass

signal.signal(signal.SIGALRM, timeout_alarm_handler)
signal.alarm(15)

reader = PdfFileReader(rfile, strict=False, )
writer = PdfFileWriter()

for pagenum in range(reader.numPages):
    try:
        signal.alarm(15)
        page = reader.getPage(pagenum)
        if not counter_clockwise:
            page.rotateClockwise(rotate_degrees)
        else:
            page.rotateCounterClockwise(rotate_degrees)
        page.compressContentStreams()
        writer.addPage(page)
        signal.alarm(0)
        page = None
    except TimeOutAlarm:
        raise RotationTimeOutException
    else:
        writer.write(wfile)
writer = None

[MartinThoma]

Does anybody have a PDF showing this issue?

[MartinThoma]

If anybody runs into this issue again, please let me know. I close this for the moment.