Commit graph

7 commits

Author SHA1 Message Date
wiz
4ff222a951 Update to 5.0.1:
2013-10-18  Jay Berkenbilt  <ejb@ql.org>

	* 5.0.1: release

	* Warn when -accessibility=n is specified with a modern encryption
	format (R > 3).  Also, accept this flag (and ignore with warning)
	with 256-bit encryption.  qpdf has always ignored the
	accessibility setting with R > 3, but it previously did so
	silently.

2013-10-05  Jay Berkenbilt  <ejb@ql.org>

	* Replace operator[] in std::string and std::vector with "at" in
	order to get bounds checking.  This reduces the chances that
	incorrect code will result in data exposure or buffer overruns.
	See README.hardening for additional notes.

	* Use cryptographically secure random number generation when
	available.  See additional notes in README.

	* Replace some assert() calls with std::logic_error exceptions.
	Ideally there shouldn't be assert() calls outside of testing.
	This change may make a few more potential code errors in handling
	invalid data recoverable.

	* Security fix: In places where std::vector<T>(size_t) was used,
	either validate that the size parameter is sane or refactor code
	to avoid the need to pre-allocate the vector.  This reduces the
	likelihood of allocating a lot of memory in response to invalid
	data in linearization hint streams.

	* Security fix: sanitize /W array in cross reference stream to
	avoid a potential integer overflow in a multiplication.  It is
	unlikely that any exploits were possible from this bug as
	additional checks were also performed.

	* Security fix: avoid buffer overrun that could be caused by bogus
	data in linearization hint streams.  The incorrect code could only
	be triggered when checking linearization data, which must be
	invoked explicitly.  qpdf does not check linearization data when
	reading or writing linearized files, but the qpdf --check command
	does check linearization data.

	* Security fix: properly handle empty strings in
	QPDF_Name::normalizeName.  The empty string is not a valid name
	and would never be parsed as a name, so there were no known
	conditions where this method could be called with an empty string.

	* Security fix: perform additional argument sanity checks when
	reading bit streams.

	* Security fix: in QUtil::toUTF8, change bounds checking to avoid
	having a pointer point temporarily outside the bounds of an
	array.  Some compiler optimizations could have made the original
	code unsafe.

2013-07-10  Jay Berkenbilt  <ejb@ql.org>

	* 5.0.0: release

	* 4.2.0 turned out to be binary incompatible on some platforms
	even though there were no changes to the public API.  Therefore
	the 4.2.0 release has been withdrawn, and is being replaced with a
	5.0.0 release that acknowledges the ABI change and also removes
	some problematic methods from the public API.

	* Remove methods from public API that were only intended to be
	used by QPDFWriter and really didn't make sense to call from
	anywhere else as they required internal knowledge that only
	QPDFWriter had:
	   - QPDF::getLinearizedParts
	   - QPDF::generateHintStream
	   - QPDF::getObjectStreamData
	   - QPDF::getCompressibleObjGens
	   - QPDF::getCompressibleObjects

2013-07-07  Jay Berkenbilt  <ejb@ql.org>

	* 4.2.0: release [withdrawn]

	* Ignore error case of a stream's decode parameters having invalid
	length when there are no stream filters.

	* qpdf: add --show-npages command-line option, which causes the
	number of pages in the input file to be printed on a line by
	itself.

	* qpdf: allow omission of range in --pages.  If range is omitted
	such that an argument that is supposed to be a range is an invalid
	range and a valid file name, the range of 1-z is assumed.  This
	makes it possible to merge a bunch of files with something like
	qpdf --empty out.pdf --pages *.pdf --

2013-06-15  Jay Berkenbilt  <ejb@ql.org>

	* Handle some additional broken files with missing /ID in trailer
	for encrypted files and with space rather than newline after xref.

2013-06-14  Jay Berkenbilt  <ejb@ql.org>

	* Detect and correct /Outlines dictionary being a direct object
	when linearizing files.  This is not allowed by the spec but has
	been seen in the wild.  Prior to this change, such a file would
	cause an internal error in the linearization code, which assumed
	/Outlines was indirect.

	* Add /Length key to crypt filter dictionary for encrypted files.
	This key is optional, but some version of MacOS reportedly fail to
	open encrypted PDF files without this key.

	* Bug fix: properly handle object stream generation when the
	original file has some compressible objects with generation != 0.

	* Add QPDF::getCompressibleObjGens() and deprecate
	QPDF::getCompressibleObjects(), which had a flaw in its logic.

	* Add new QPDFObjectHandle::getObjGen() method and indiciate in
	comments that its use is favored over getObjectID() and
	getGeneration() for most cases.

	* Add new QPDFObjGen object to represent an object ID/generation
	pair.

2013-04-14  Jay Berkenbilt  <ejb@ql.org>

	* 4.1.0: release

2013-03-25  Jay Berkenbilt  <ejb@ql.org>

	* manual/qpdf-manual.xml: Document the casting policy that is
	followed in qpdf's implementation.

2013-03-11  Jay Berkenbilt  <ejb@ql.org>

	* When creating Windows binary distributions, make sure to only
	copy DLLs of the correct type.  The ensures that the 32-bit
	distributions contain 32-bit DLLs and the 64-bit distributions
	contain 64-bit DLLs.

2013-03-07  Jay Berkenbilt  <ejb@ql.org>

	* Use ./install-sh (already present) instead of "install -c" to
	install executables to fix portability problems against different
	UNIX variants.

2013-03-03  Jay Berkenbilt  <ejb@ql.org>

	* Add protected terminateParsing method to
	QPDFObjectHandle::ParserCallbacks that implementor can call to
	terminate parsing of a content stream.

2013-02-28  Jay Berkenbilt  <ejb@ql.org>

	* Favor fopen_s and strerror_s on MSVC to avoid CRT security
	warnings.  This is useful for people who may want to use qpdf in
	an application that is Windows 8 certified.

	* New method QUtil::safe_fopen to wrap calls to fopen.  This is
	less cumbersome than calling QUtil::fopen_wrapper.

	* Remove all calls to sprintf

	* New method QUtil::int_to_string_base to convert to octal or
	hexademical (or decimal) strings without using sprintf

2013-02-26  Jay Berkenbilt  <ejb@ql.org>

	* Rewrite QUtil::int_to_string and QUtil::double_to_string to
	remove internal length limits but to remain backward compatible
	with the old versions for valid inputs.

2013-02-23  Jay Berkenbilt  <ejb@ql.org>

	* Bug fix: properly handle overridden compressed objects.  When
	caching objects from an object stream, only cache objects that,
	based on the xref table, would actually be resolved into this
	stream.  Prior to this fix, if an object stream A contained an
	object B that was overridden by an appended section of the file,
	qpdf would cache the old value of B if any non-overridden member
	of A was accessed before B.  This commit fixes that bug.

2013-01-31  Jay Berkenbilt  <ejb@ql.org>

	* Do not remove libtool's .la file during the make install step.
	Note to packagers: if your distribution wants to you remove the
	.la file, you will have to do that yourself now.

2013-01-25  Jay Berkenbilt  <ejb@ql.org>

	* New method QUtil::hex_encode to encode binary data as a
	hexadecimal string

	* qpdf --check was exiting with status 0 in some rare cases even
	when errors were found.  It now always exits with one of the
	document error codes (0 for success, 2 for errors, 3 or warnings).

2013-01-24  Jay Berkenbilt  <ejb@ql.org>

	* Make --enable-werror work for MSVC, and generally handle warning
	options better for that compiler.  Warning flags for that compiler
	were previous hard-coded into the build with /WX enabled
	unconditionally.

	* Split warning flags into WFLAGS in autoconf.mk to make them
	easier to override.  Before they were repeated in CFLAGS and
	CXXFLAGS and were commingled with other compiler flags.

	* qpdf --check now does syntactic checks all pages' content
	streams as well as checking overall document structure.  Semantic
	errors are still not checked, and there are no plans to add
	semantic checks.

2013-01-22  Jay Berkenbilt  <ejb@ql.org>

	* Add QPDFObjectHandle::getTypeCode().  This method returns a
	unique integer (enumerated type) value corresponding to the object
	type of the QPDFObjectHandle.  It can be used as an alternative to
	the QPDFObjectHandle::is* methods for type testing, particularly
	where there is a desire to use a switch statement or optimize for
	performance when testing object types.

	* Add QPDFObjectHandle::getTypeName().  This method returns a
	string literal describing the object type.  It is useful for
	testing and debugging.

2013-01-20  Jay Berkenbilt  <ejb@ql.org>

	* Add QPDFObjectHandle::parseContentStream, which parses the
	objects in a content stream and calls handlers in a callback
	class.  The example pdf-parse-content illustrates it use.

	* Add QPDF_Operator and QPDF_InlineImage types along with
	appropriate wrapper methods in QPDFObjectHandle.  These new object
	types are to facilitate content stream parsing.
2013-10-23 09:07:27 +00:00
wiz
d2ca14a3f1 Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.
2013-05-31 12:39:57 +00:00
joerg
8d7098b5ab Add missing include. 2013-05-09 14:01:43 +00:00
rodent
6b46c62d2e Edited DESCR in the case of:
File too long (should be no more than 24 lines).
 Line too long (should be no more than 80 characters).
 Trailing empty lines.
 Trailing white-space.
Trucated the long files as best as possible while preserving the most info
contained in them.
2013-04-07 20:49:31 +00:00
joerg
af57a664bf Don't add default arguments at implementation time. 2013-03-02 17:58:35 +00:00
drochner
23d8d8d477 needs libz, doesn't need bash 2013-02-12 12:35:34 +00:00
wiz
55b17cd6de Import qpdf-4.0.1 as print/qpdf, packaged by dillo@.
QPDF is a command-line program that does structural, content-preserving
transformations on PDF files.  It could have been called something
like pdf-to-pdf. It also provides many useful capabilities to
developers of PDF-producing software or for people who just want
to look at the innards of a PDF file to learn more about how they
work.

QPDF is capable of creating linearized (also known as web-optimized)
files and encrypted files. It is also capable of converting PDF
files with object streams (also known as compressed objects) to
files with no compressed objects or to generate object streams from
files that don't have them (or even those that already do). QPDF
also supports a special mode designed to allow you to edit the
content of PDF files in a text editor. For more details, please
see the documentation links below.

QPDF includes support for merging and splitting PDFs through the
ability to copy objects from one PDF file into another and to
manipulate the list of pages in a PDF file. The QPDF library also
makes it possible for you to create PDF files from scratch. In this
mode, you are responsible for supplying all the contents of the
file, while the QPDF library takes care off all the syntactical
representation of the objects, creation of cross references tables
and, if you use them, object streams, encryption, linearization,
and other syntactic details.

QPDF is not a PDF content creation library, a PDF viewer, or a
program capable of converting PDF into other formats. In particular,
QPDF knows nothing about the semantics of PDF content streams. If
you are looking for something that can do that, you should look
elsewhere. However, once you have a valid PDF file, QPDF can be
used to transform that file in ways perhaps your original PDF
creation can't handle. For example, programs generate simple PDF
files but can't password-protect them, web-optimize them, or perform
other transformations of that type.
2013-01-31 21:45:23 +00:00