diff options
| author | Philipp Lohmann [pl] <Philipp.Lohmann@Oracle.COM> | 2011-02-03 17:54:31 +0100 |
|---|---|---|
| committer | Philipp Lohmann [pl] <Philipp.Lohmann@Oracle.COM> | 2011-02-03 17:54:31 +0100 |
| commit | db944ee55fc510ca5940728b0d16a852f12842d8 (patch) | |
| tree | 8cc42dc7305397e6e7fbcfbce25a34fb013e80a6 | |
| parent | 5d1335e1f02b0ebaee310d811214b18e8a276698 (diff) | |
vcl119: #163136# do not pass a clear text password to xpdf
| -rw-r--r-- | sdext/source/pdfimport/filterdet.cxx | 4 | ||||
| -rw-r--r-- | sdext/source/pdfimport/inc/pdfparse.hxx | 2 | ||||
| -rw-r--r-- | sdext/source/pdfimport/pdfparse/pdfentries.cxx | 18 | ||||
| -rwxr-xr-x | sdext/source/pdfimport/wrapper/wrapper.cxx | 13 | ||||
| -rw-r--r-- | sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx | 19 | ||||
| -rw-r--r-- | xpdf/makefile.mk | 2 | ||||
| -rw-r--r-- | xpdf/xpdf-3.02-ooopwd.patch | 101 |
7 files changed, 148 insertions, 11 deletions
diff --git a/sdext/source/pdfimport/filterdet.cxx b/sdext/source/pdfimport/filterdet.cxx index e9d58cfdb3b2..d5fcf30a803c 100644 --- a/sdext/source/pdfimport/filterdet.cxx +++ b/sdext/source/pdfimport/filterdet.cxx @@ -718,6 +718,8 @@ uno::Reference< io::XStream > getAdditionalStream( const rtl::OUString& rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd, RTL_TEXTENCODING_ISO_8859_1 ); bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() ); + // trash password string on heap + rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() ); } if( ! bAuthenticated ) { @@ -745,6 +747,8 @@ uno::Reference< io::XStream > getAdditionalStream( const rtl::OUString& rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd, RTL_TEXTENCODING_ISO_8859_1 ); bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() ); + // trash password string on heap + rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() ); } while( bEntered && ! bAuthenticated ); } diff --git a/sdext/source/pdfimport/inc/pdfparse.hxx b/sdext/source/pdfimport/inc/pdfparse.hxx index 4d19d9140a09..683c438bdf54 100644 --- a/sdext/source/pdfimport/inc/pdfparse.hxx +++ b/sdext/source/pdfimport/inc/pdfparse.hxx @@ -260,6 +260,8 @@ struct PDFFile : public PDFContainer bool decrypt( const sal_uInt8* pInBuffer, sal_uInt32 nLen, sal_uInt8* pOutBuffer, unsigned int nObject, unsigned int nGeneration ) const; + + rtl::OUString getDecryptionKey() const; }; struct PDFObject : public PDFContainer diff --git a/sdext/source/pdfimport/pdfparse/pdfentries.cxx b/sdext/source/pdfimport/pdfparse/pdfentries.cxx index 4b39b60d1c52..e741d7499915 100644 --- a/sdext/source/pdfimport/pdfparse/pdfentries.cxx +++ b/sdext/source/pdfimport/pdfparse/pdfentries.cxx @@ -32,6 +32,7 @@ #include <rtl/strbuf.hxx> #include <rtl/ustring.hxx> +#include <rtl/ustrbuf.hxx> #include <rtl/alloc.h> #include <rtl/digest.h> #include <rtl/cipher.h> @@ -1277,6 +1278,23 @@ bool PDFFile::setupDecryptionData( const OString& rPwd ) const return bValid; } +rtl::OUString PDFFile::getDecryptionKey() const +{ + rtl::OUStringBuffer aBuf( ENCRYPTION_KEY_LEN * 2 ); + if( impl_getData()->m_bIsEncrypted ) + { + for( sal_uInt32 i = 0; i < m_pData->m_nKeyLength; i++ ) + { + static const sal_Unicode pHexTab[16] = { '0', '1', '2', '3', '4', '5', '6', '7', + '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; + aBuf.append( pHexTab[(m_pData->m_aDecryptionKey[i] >> 4) & 0x0f] ); + aBuf.append( pHexTab[(m_pData->m_aDecryptionKey[i] & 0x0f)] ); + } + + } + return aBuf.makeStringAndClear(); +} + PDFFileImplData* PDFFile::impl_getData() const { if( m_pData ) diff --git a/sdext/source/pdfimport/wrapper/wrapper.cxx b/sdext/source/pdfimport/wrapper/wrapper.cxx index 51817ce5eacf..f9255393ae6e 100755 --- a/sdext/source/pdfimport/wrapper/wrapper.cxx +++ b/sdext/source/pdfimport/wrapper/wrapper.cxx @@ -913,6 +913,8 @@ static bool checkEncryption( const rtl::OUString& rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd, RTL_TEXTENCODING_ISO_8859_1 ); bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() ); + // trash password string on heap + rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() ); } if( bAuthenticated ) bSuccess = true; @@ -927,12 +929,23 @@ static bool checkEncryption( const rtl::OUString& rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd, RTL_TEXTENCODING_ISO_8859_1 ); bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() ); + // trash password string on heap + rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() ); } while( bEntered && ! bAuthenticated ); } OSL_TRACE( "password: %s\n", bAuthenticated ? "matches" : "does not match" ); bSuccess = bAuthenticated; } + // trash password string on heap + rtl_zeroMemory( (void*)io_rPwd.getStr(), io_rPwd.getLength()*sizeof(sal_Unicode) ); + if( bAuthenticated ) + { + rtl::OUStringBuffer aBuf( 128 ); + aBuf.appendAscii( "_OOO_pdfi_Credentials_" ); + aBuf.append( pPDFFile->getDecryptionKey() ); + io_rPwd = aBuf.makeStringAndClear(); + } } else bSuccess = true; diff --git a/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx index 6011b6989576..e0c5763acac8 100644 --- a/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx +++ b/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx @@ -107,8 +107,8 @@ int main(int argc, char **argv) #endif // try to read a possible open password form stdin - char aPwBuf[34]; - aPwBuf[33] = 0; + char aPwBuf[129]; + aPwBuf[128] = 0; if( ! fgets( aPwBuf, sizeof(aPwBuf)-1, stdin ) ) aPwBuf[0] = 0; // mark as empty else @@ -132,14 +132,14 @@ int main(int argc, char **argv) // check for password string(s) - GooString* pOwnerPasswordStr( ownerPassword[0] != '\001' - ? new GooString(ownerPassword) - : (GooString *)NULL ); - GooString* pUserPasswordStr( aPwBuf[0] != 0 + GooString* pOwnerPasswordStr( aPwBuf[0] != 0 ? new GooString( aPwBuf ) - : ( userPassword[0] != '\001' - ? new GooString(userPassword) - : (GooString *)NULL ) ); + : (ownerPassword[0] != '\001' + ? new GooString(ownerPassword) + : (GooString *)NULL ) ); + GooString* pUserPasswordStr( userPassword[0] != '\001' + ? new GooString(userPassword) + : (GooString *)NULL ); if( outputFile[0] != '\001' ) g_binary_out = fopen(outputFile,"wb"); @@ -188,7 +188,6 @@ int main(int argc, char **argv) } else { - pdfi::PDFOutDev* pOutDev( new pdfi::PDFOutDev(&aDoc) ); // tell receiver early - needed for proper progress calculation diff --git a/xpdf/makefile.mk b/xpdf/makefile.mk index 452ab84fd0e4..482df3ba934a 100644 --- a/xpdf/makefile.mk +++ b/xpdf/makefile.mk @@ -48,7 +48,7 @@ dummy: TARFILE_NAME=xpdf-3.02 TARFILE_MD5=599dc4cc65a07ee868cf92a667a913d2 -PATCH_FILES=$(TARFILE_NAME).patch xpdf-3.02-sec.patch +PATCH_FILES=$(TARFILE_NAME).patch xpdf-3.02-sec.patch xpdf-3.02-ooopwd.patch CONFIGURE_DIR= BUILD_DIR=$(CONFIGURE_DIR) diff --git a/xpdf/xpdf-3.02-ooopwd.patch b/xpdf/xpdf-3.02-ooopwd.patch new file mode 100644 index 000000000000..f773585b3f91 --- /dev/null +++ b/xpdf/xpdf-3.02-ooopwd.patch @@ -0,0 +1,101 @@ +--- misc/xpdf-3.02/xpdf/SecurityHandler.cc 2007-02-27 23:05:52.000000000 +0100 ++++ misc/build/xpdf-3.02/xpdf/SecurityHandler.cc 2011-02-03 16:41:49.000000000 +0100 +@@ -40,7 +40,7 @@ + + encryptDictA->dictLookup("Filter", &filterObj); + if (filterObj.isName("Standard")) { +- secHdlr = new StandardSecurityHandler(docA, encryptDictA); ++ secHdlr = new OOoImportSecurityhandler(docA, encryptDictA); + } else if (filterObj.isName()) { + #ifdef ENABLE_PLUGINS + if ((xsh = globalParams->getSecurityHandler(filterObj.getName()))) { +@@ -310,6 +310,60 @@ + return gTrue; + } + ++//------------------------------------------------------------------------ ++// OOoImportSecurityhandler ++//------------------------------------------------------------------------ ++ ++OOoImportSecurityhandler::~OOoImportSecurityhandler() ++{ ++} ++ ++inline Guchar toNum( Guchar digit ) ++{ ++ return (digit >= '0') && digit <= '9' ++ ? digit - '0' ++ : (digit >= 'A' && digit <= 'F') ++ ? digit - 'A' + 10 ++ : (digit >= 'a' && digit <= 'f') ++ ? digit - 'a' + 10 ++ : Guchar(0xff); ++} ++ ++GBool OOoImportSecurityhandler::authorize(void* authData) ++{ ++ if( !ok ) ++ return gFalse; ++ if( authData ) ++ { ++ GString* ownerPassword = ((StandardAuthData *)authData)->ownerPassword; ++ if( ownerPassword ) ++ { ++ const char* pStr = ownerPassword->getCString(); ++ if( strncmp( pStr, "_OOO_pdfi_Credentials_", 22 ) == 0 ) ++ { ++ // a hex encoded byte sequence should follow until end of string ++ // the length must match fileKeyLength ++ // if this is the case we can assume that the password checked out ++ // and the file key is valid ++ // max len is 16 (the size of the fileKey array) ++ pStr += 22; ++ size_t i = 0; ++ while( pStr[0] && pStr[1] && i < sizeof( fileKey ) ) ++ { ++ fileKey[i++] = (toNum( *pStr++ ) << 4) ++ | (toNum( *pStr++ )); ++ } ++ if( i == size_t(fileKeyLength) ) ++ { ++ ownerPasswordOk = gTrue; ++ return gTrue; ++ } ++ } ++ } ++ } ++ return StandardSecurityHandler::authorize( authData ); ++} ++ + #ifdef ENABLE_PLUGINS + + //------------------------------------------------------------------------ +--- misc/xpdf-3.02/xpdf/SecurityHandler.h 2007-02-27 23:05:52.000000000 +0100 ++++ misc/build/xpdf-3.02/xpdf/SecurityHandler.h 2011-02-03 16:26:17.000000000 +0100 +@@ -103,7 +103,7 @@ + virtual int getEncVersion() { return encVersion; } + virtual CryptAlgorithm getEncAlgorithm() { return encAlgorithm; } + +-private: ++protected: + + int permFlags; + GBool ownerPasswordOk; +@@ -119,6 +119,17 @@ + GBool ok; + }; + ++class OOoImportSecurityhandler : public StandardSecurityHandler ++{ ++public: ++ OOoImportSecurityhandler( PDFDoc* docA, Object* encryptDictA ) ++ : StandardSecurityHandler( docA, encryptDictA ) ++ {} ++ virtual ~OOoImportSecurityhandler(); ++ ++ virtual GBool authorize(void* authData); ++}; ++ + #ifdef ENABLE_PLUGINS + //------------------------------------------------------------------------ + // ExternalSecurityHandler |