pdf-reader 2.7.0 → 2.9.2

data/lib/pdf/reader/parser.rb

@@ -80,8 +80,8 @@ class PDF::Reader
         token
       elsif operators.has_key? token
         Token.new(token)
-      elsif token.respond_to?(:to_token)
-        token.to_token
+      elsif token.frozen?
+        token
       elsif token =~ /\d*\.\d/
         token.to_f
       else
@@ -96,14 +96,20 @@ class PDF::Reader
     # id  - the object ID to return
     # gen - the object revision number to return
     def object(id, gen)
-      Error.assert_equal(parse_token, id)
+      idCheck = parse_token
+
+      # Sometimes the xref table is corrupt and points to an offset slightly too early in the file.
+      # check the next token, maybe we can find the start of the object we're looking for
+      if idCheck != id
+        Error.assert_equal(parse_token, id)
+      end
       Error.assert_equal(parse_token, gen)
       Error.str_assert(parse_token, "obj")
 
       obj = parse_token
       post_obj = parse_token
 
-      if post_obj == "stream"
+      if obj.is_a?(Hash) && post_obj == "stream"
         stream(obj)
       else
         obj
@@ -121,7 +127,7 @@ class PDF::Reader
         key = parse_token
         break if key.kind_of?(Token) and key == ">>"
         raise MalformedPDFError, "unterminated dict" if @buffer.empty?
-        raise MalformedPDFError, "Dictionary key (#{key.inspect}) is not a name" unless key.kind_of?(Symbol)
+        PDF::Reader::Error.validate_type_as_malformed(key, "Dictionary key", Symbol)
 
         value = parse_token
         value.kind_of?(Token) and Error.str_assert_not(value, ">>")
@@ -209,14 +215,23 @@ class PDF::Reader
     def stream(dict)
       raise MalformedPDFError, "PDF malformed, missing stream length" unless dict.has_key?(:Length)
       if @objects
-        length = @objects.deref(dict[:Length])
+        length = @objects.deref_integer(dict[:Length])
+        if dict[:Filter]
+          dict[:Filter] = @objects.deref_name_or_array(dict[:Filter])
+        end
       else
         length = dict[:Length] || 0
       end
+
+      PDF::Reader::Error.validate_type_as_malformed(length, "length", Numeric)
+
       data = @buffer.read(length, :skip_eol => true)
 
       Error.str_assert(parse_token, "endstream")
-      Error.str_assert(parse_token, "endobj")
+
+      # We used to assert that the stream had the correct closing token, but it doesn't *really*
+      # matter if it's missing, and other readers seems to handle its absence just fine
+      # Error.str_assert(parse_token, "endobj")
 
       PDF::Reader::Stream.new(dict, data)
     end

data/lib/pdf/reader/point.rb

@@ -1,5 +1,5 @@
 # coding: utf-8
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
 module PDF

data/lib/pdf/reader/rc4_security_handler.rb

@@ -0,0 +1,38 @@
+# coding: utf-8
+# typed: strict
+# frozen_string_literal: true
+
+require 'digest/md5'
+require 'rc4'
+
+class PDF::Reader
+
+  # Decrypts data using the RC4 algorithim defined in the PDF spec. Requires
+  # a decryption key, which is usually generated by PDF::Reader::StandardKeyBuilder
+  #
+  class Rc4SecurityHandler
+
+    def initialize(key)
+      @encrypt_key = key
+    end
+
+    ##7.6.2 General Encryption Algorithm
+    #
+    # Algorithm 1: Encryption of data using the RC4 algorithm
+    #
+    # version <=3 or (version == 4 and CFM == V2)
+    #
+    # buf - a string to decrypt
+    # ref - a PDF::Reader::Reference for the object to decrypt
+    #
+    def decrypt( buf, ref )
+      objKey = @encrypt_key.dup
+      (0..2).each { |e| objKey << (ref.id >> e*8 & 0xFF ) }
+      (0..1).each { |e| objKey << (ref.gen >> e*8 & 0xFF ) }
+      length = objKey.length < 16 ? objKey.length : 16
+      rc4 = RC4.new( Digest::MD5.digest(objKey)[0,length] )
+      rc4.decrypt(buf)
+    end
+
+  end
+end

data/lib/pdf/reader/rectangle.rb

@@ -1,5 +1,5 @@
 # coding: utf-8
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
 module PDF
@@ -26,6 +26,19 @@ module PDF
         set_corners(x1, y1, x2, y2)
       end
 
+      def self.from_array(arr)
+        if arr.size != 4
+          raise ArgumentError, "Only 4-element Arrays can be converted to a Rectangle"
+        end
+
+        PDF::Reader::Rectangle.new(
+          arr[0].to_f,
+          arr[1].to_f,
+          arr[2].to_f,
+          arr[3].to_f,
+        )
+      end
+
       def ==(other)
         to_a == other.to_a
       end
@@ -38,6 +51,11 @@ module PDF
         bottom_right.x - bottom_left.x
       end
 
+      def contains?(point)
+        point.x >= bottom_left.x && point.x <= top_right.x &&
+          point.y >= bottom_left.y && point.y <= top_right.y
+      end
+
       # A pdf-style 4-number array
       def to_a
         [
@@ -67,7 +85,7 @@ module PDF
           new_x2 = bottom_left.x
           new_y2 = bottom_left.y + width
         end
-        set_corners(new_x1, new_y1, new_x2, new_y2)
+        set_corners(new_x1 || 0, new_y1 || 0, new_x2 || 0, new_y2 || 0)
       end
 
       private

data/lib/pdf/reader/{resource_methods.rb → resources.rb}

@@ -1,16 +1,18 @@
 # coding: utf-8
-# typed: false
+# typed: true
 # frozen_string_literal: true
 
-# Setting this file to "typed: true" is difficult because it's a mixin that assumes some things
-# are aavailable from the class, like @objects and resources. Sorbet doesn't know about them.
-
 module PDF
   class Reader
 
     # mixin for common methods in Page and FormXobjects
     #
-    module ResourceMethods
+    class Resources
+
+      def initialize(objects, resources)
+        @objects = objects
+        @resources = resources
+      end
 
       # Returns a Hash of color spaces that are available to this page
       #
@@ -19,7 +21,7 @@ module PDF
       #       of calling it over and over.
       #
       def color_spaces
-        @objects.deref!(resources[:ColorSpace]) || {}
+        @objects.deref_hash!(@resources[:ColorSpace]) || {}
       end
 
       # Returns a Hash of fonts that are available to this page
@@ -29,7 +31,7 @@ module PDF
       #       of calling it over and over.
       #
       def fonts
-        @objects.deref!(resources[:Font]) || {}
+        @objects.deref_hash!(@resources[:Font]) || {}
       end
 
       # Returns a Hash of external graphic states that are available to this
@@ -40,7 +42,7 @@ module PDF
       #       of calling it over and over.
       #
       def graphic_states
-        @objects.deref!(resources[:ExtGState]) || {}
+        @objects.deref_hash!(@resources[:ExtGState]) || {}
       end
 
       # Returns a Hash of patterns that are available to this page
@@ -50,7 +52,7 @@ module PDF
       #       of calling it over and over.
       #
       def patterns
-        @objects.deref!(resources[:Pattern]) || {}
+        @objects.deref_hash!(@resources[:Pattern]) || {}
       end
 
       # Returns an Array of procedure sets that are available to this page
@@ -60,7 +62,7 @@ module PDF
       #       of calling it over and over.
       #
       def procedure_sets
-        @objects.deref!(resources[:ProcSet]) || []
+        @objects.deref_array!(@resources[:ProcSet]) || []
       end
 
       # Returns a Hash of properties sets that are available to this page
@@ -70,7 +72,7 @@ module PDF
       #       of calling it over and over.
       #
       def properties
-        @objects.deref!(resources[:Properties]) || {}
+        @objects.deref_hash!(@resources[:Properties]) || {}
       end
 
       # Returns a Hash of shadings that are available to this page
@@ -80,7 +82,7 @@ module PDF
       #       of calling it over and over.
       #
       def shadings
-        @objects.deref!(resources[:Shading]) || {}
+        @objects.deref_hash!(@resources[:Shading]) || {}
       end
 
       # Returns a Hash of XObjects that are available to this page
@@ -90,7 +92,7 @@ module PDF
       #       of calling it over and over.
       #
       def xobjects
-        @objects.deref!(resources[:XObject]) || {}
+        @objects.deref_hash!(@resources[:XObject]) || {}
       end
 
     end

data/lib/pdf/reader/security_handler_factory.rb

@@ -0,0 +1,79 @@
+# coding: utf-8
+# typed: strict
+# frozen_string_literal: true
+
+class PDF::Reader
+  # Examines the Encrypt entry of a PDF trailer (if any) and returns an object that's
+  # able to decrypt the file.
+  class SecurityHandlerFactory
+
+    def self.build(encrypt, doc_id, password)
+      doc_id   ||= []
+      password ||= ""
+
+      if encrypt.nil?
+        NullSecurityHandler.new
+      elsif standard?(encrypt)
+        build_standard_handler(encrypt, doc_id, password)
+      elsif standard_v5?(encrypt)
+        build_v5_handler(encrypt, doc_id, password)
+      else
+        UnimplementedSecurityHandler.new
+      end
+    end
+
+    def self.build_standard_handler(encrypt, doc_id, password)
+      encmeta = !encrypt.has_key?(:EncryptMetadata) || encrypt[:EncryptMetadata].to_s == "true"
+      key_builder = StandardKeyBuilder.new(
+        key_length: (encrypt[:Length] || 40).to_i,
+        revision: encrypt[:R],
+        owner_key: encrypt[:O],
+        user_key: encrypt[:U],
+        permissions: encrypt[:P].to_i,
+        encrypted_metadata: encmeta,
+        file_id: doc_id.first,
+      )
+      cfm = encrypt.fetch(:CF, {}).fetch(encrypt[:StmF], {}).fetch(:CFM, nil)
+      if cfm == :AESV2
+        AesV2SecurityHandler.new(key_builder.key(password))
+      else
+        Rc4SecurityHandler.new(key_builder.key(password))
+      end
+    end
+
+    def self.build_v5_handler(encrypt, doc_id, password)
+      key_builder = KeyBuilderV5.new(
+        owner_key: encrypt[:O],
+        user_key: encrypt[:U],
+        owner_encryption_key: encrypt[:OE],
+        user_encryption_key: encrypt[:UE],
+      )
+      AesV3SecurityHandler.new(key_builder.key(password))
+    end
+
+    # This handler supports all encryption that follows upto PDF 1.5 spec (revision 4)
+    def self.standard?(encrypt)
+      return false if encrypt.nil?
+
+      filter = encrypt.fetch(:Filter, :Standard)
+      version = encrypt.fetch(:V, 0)
+      algorithm = encrypt.fetch(:CF, {}).fetch(encrypt[:StmF], {}).fetch(:CFM, nil)
+      (filter == :Standard) && (encrypt[:StmF] == encrypt[:StrF]) &&
+        (version <= 3 || (version == 4 && ((algorithm == :V2) || (algorithm == :AESV2))))
+    end
+
+    # This handler supports both
+    # - AES-256 encryption defined in PDF 1.7 Extension Level 3 ('revision 5')
+    # - AES-256 encryption defined in PDF 2.0 ('revision 6')
+    def self.standard_v5?(encrypt)
+      return false if encrypt.nil?
+
+      filter = encrypt.fetch(:Filter, :Standard)
+      version = encrypt.fetch(:V, 0)
+      revision = encrypt.fetch(:R, 0)
+      algorithm = encrypt.fetch(:CF, {}).fetch(encrypt[:StmF], {}).fetch(:CFM, nil)
+      (filter == :Standard) && (encrypt[:StmF] == encrypt[:StrF]) &&
+          ((version == 5) && (revision == 5 || revision == 6) && (algorithm == :AESV3))
+    end
+  end
+end

data/lib/pdf/reader/{standard_security_handler.rb → standard_key_builder.rb}

@@ -1,39 +1,19 @@
 # coding: utf-8
-# typed: true
-# frozen_string_literal: true
 
-################################################################################
-#
-# Copyright (C) 2011 Evan J Brunner (ejbrun@appittome.com)
-#
-# Permission is hereby granted, free of charge, to any person obtaining
-# a copy of this software and associated documentation files (the
-# "Software"), to deal in the Software without restriction, including
-# without limitation the rights to use, copy, modify, merge, publish,
-# distribute, sublicense, and/or sell copies of the Software, and to
-# permit persons to whom the Software is furnished to do so, subject to
-# the following conditions:
-#
-# The above copyright notice and this permission notice shall be
-# included in all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-#
-################################################################################
 require 'digest/md5'
-require 'openssl'
 require 'rc4'
 
 class PDF::Reader
 
-  # class creates interface to encrypt dictionary for use in Decrypt
-  class StandardSecurityHandler
+  # Processes the Encrypt dict from an encrypted PDF and a user provided
+  # password and returns a key that can decrypt the file.
+  #
+  # This can generate a key compatible with the following standard encryption algorithms:
+  #
+  # * Version 1-3, all variants
+  # * Version 4, V2 (RC4) and AESV2
+  #
+  class StandardKeyBuilder
 
     ## 7.6.3.3 Encryption Key Algorithm (pp61)
     #
@@ -45,9 +25,6 @@ class PDF::Reader
                      0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
                      0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a ]
 
-    attr_reader :key_length, :revision, :encrypt_key
-    attr_reader :owner_key, :user_key, :permissions, :file_id, :password
-
     def initialize(opts = {})
       @key_length    = opts[:key_length].to_i/8
       @revision      = opts[:revision].to_i
@@ -56,72 +33,30 @@ class PDF::Reader
       @permissions   = opts[:permissions].to_i
       @encryptMeta   = opts.fetch(:encrypted_metadata, true)
       @file_id       = opts[:file_id] || ""
-      @encrypt_key   = build_standard_key(opts[:password] || "")
-      @cfm           = opts[:cfm]
 
       if @key_length != 5 && @key_length != 16
-        msg = "StandardSecurityHandler only supports 40 and 128 bit\
+        msg = "StandardKeyBuilder only supports 40 and 128 bit\
                encryption (#{@key_length * 8}bit)"
-        raise ArgumentError, msg
+        raise UnsupportedFeatureError, msg
       end
     end
 
-    # This handler supports all encryption that follows upto PDF 1.5 spec (revision 4)
-    def self.supports?(encrypt)
-      return false if encrypt.nil?
-
-      filter = encrypt.fetch(:Filter, :Standard)
-      version = encrypt.fetch(:V, 0)
-      algorithm = encrypt.fetch(:CF, {}).fetch(encrypt[:StmF], {}).fetch(:CFM, nil)
-      (filter == :Standard) && (encrypt[:StmF] == encrypt[:StrF]) &&
-        (version <= 3 || (version == 4 && ((algorithm == :V2) || (algorithm == :AESV2))))
-    end
-
-    ##7.6.2 General Encryption Algorithm
-    #
-    # Algorithm 1: Encryption of data using the RC4 or AES algorithms
-    #
-    # used to decrypt RC4/AES encrypted PDF streams (buf)
+    # Takes a string containing a user provided password.
     #
-    # buf - a string to decrypt
-    # ref - a PDF::Reader::Reference for the object to decrypt
+    # If the password matches the file, then a string containing a key suitable for
+    # decrypting the file will be returned. If the password doesn't match the file,
+    # and exception will be raised.
     #
-    def decrypt( buf, ref )
-      case @cfm
-        when :AESV2
-          decrypt_aes128(buf, ref)
-        else
-          decrypt_rc4(buf, ref)
-      end
-    end
-
-    private
+    def key(pass)
+      pass ||= ""
+      encrypt_key   = auth_owner_pass(pass)
+      encrypt_key ||= auth_user_pass(pass)
 
-    # decrypt with RC4 algorithm
-    # version <=3 or (version == 4 and CFM == V2)
-    def decrypt_rc4( buf, ref )
-      objKey = @encrypt_key.dup
-      (0..2).each { |e| objKey << (ref.id >> e*8 & 0xFF ) }
-      (0..1).each { |e| objKey << (ref.gen >> e*8 & 0xFF ) }
-      length = objKey.length < 16 ? objKey.length : 16
-      rc4 = RC4.new( Digest::MD5.digest(objKey)[0,length] )
-      rc4.decrypt(buf)
+      raise PDF::Reader::EncryptedPDFError, "Invalid password (#{pass})" if encrypt_key.nil?
+      encrypt_key
     end
 
-    # decrypt with AES-128-CBC algorithm
-    # when (version == 4 and CFM == AESV2)
-    def decrypt_aes128( buf, ref )
-      objKey = @encrypt_key.dup
-      (0..2).each { |e| objKey << (ref.id >> e*8 & 0xFF ) }
-      (0..1).each { |e| objKey << (ref.gen >> e*8 & 0xFF ) }
-      objKey << 'sAlT'  # Algorithm 1, b)
-      length = objKey.length < 16 ? objKey.length : 16
-      cipher = OpenSSL::Cipher.new("AES-#{length << 3}-CBC")
-      cipher.decrypt
-      cipher.key = Digest::MD5.digest(objKey)[0,length]
-      cipher.iv = buf[0..15]
-      cipher.update(buf[16..-1]) + cipher.final
-    end
+    private
 
     # Pads supplied password to 32bytes using PassPadBytes as specified on
     # pp61 of spec
@@ -153,7 +88,7 @@ class PDF::Reader
       md5 = Digest::MD5.digest(pad_pass(pass))
       if @revision > 2 then
         50.times { md5 = Digest::MD5.digest(md5) }
-        keyBegins = md5[0, key_length]
+        keyBegins = md5[0, @key_length]
         #first iteration decrypt owner_key
         out = @owner_key
         #RC4 keyed with (keyBegins XOR with iteration #) to decrypt previous out
@@ -218,12 +153,5 @@ class PDF::Reader
       end
     end
 
-    def build_standard_key(pass)
-      encrypt_key   = auth_owner_pass(pass)
-      encrypt_key ||= auth_user_pass(pass)
-
-      raise PDF::Reader::EncryptedPDFError, "Invalid password (#{pass})" if encrypt_key.nil?
-      encrypt_key
-    end
   end
 end

data/lib/pdf/reader/stream.rb

@@ -1,5 +1,5 @@
 # coding: utf-8
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 
 ################################################################################
@@ -62,7 +62,7 @@ class PDF::Reader
         end
 
         Array(hash[:Filter]).each_with_index do |filter, index|
-          @udata = Filter.with(filter, options[index]).filter(@udata)
+          @udata = Filter.with(filter, options[index] || {}).filter(@udata)
         end
       end
       @udata

data/lib/pdf/reader/text_run.rb

@@ -7,15 +7,14 @@ class PDF::Reader
   class TextRun
     include Comparable
 
-    attr_reader :x, :y, :width, :font_size, :text
+    attr_reader :origin, :width, :font_size, :text
 
     alias :to_s :text
 
     def initialize(x, y, width, font_size, text)
-      @x = x
-      @y = y
+      @origin = PDF::Reader::Point.new(x, y)
       @width = width
-      @font_size = font_size.floor
+      @font_size = font_size
       @text = text
     end
 
@@ -35,12 +34,20 @@ class PDF::Reader
       end
     end
 
+    def x
+      @origin.x
+    end
+
+    def y
+      @origin.y
+    end
+
     def endx
-      @endx ||= x + width
+      @endx ||= @origin.x + width
     end
 
     def endy
-      @endy ||= y + font_size
+      @endy ||= @origin.y + font_size
     end
 
     def mean_character_width

data/lib/pdf/reader/type_check.rb

@@ -0,0 +1,52 @@
+# coding: utf-8
+# typed: strict
+# frozen_string_literal: true
+
+module PDF
+  class Reader
+
+    # Cast untrusted input (usually parsed out of a PDF file) to a known type
+    #
+    class TypeCheck
+
+      def self.cast_to_numeric!(obj)
+        if obj.is_a?(Numeric)
+          obj
+        elsif obj.nil?
+          0
+        elsif obj.respond_to?(:to_f)
+          obj.to_f
+        elsif obj.respond_to?(:to_i)
+          obj.to_i
+        else
+          raise MalformedPDFError, "Unable to cast to numeric"
+        end
+      end
+
+      def self.cast_to_string!(string)
+        if string.is_a?(String)
+          string
+        elsif string.nil?
+          ""
+        elsif string.respond_to?(:to_s)
+          string.to_s
+        else
+          raise MalformedPDFError, "Unable to cast to string"
+        end
+      end
+
+      def self.cast_to_symbol(obj)
+        if obj.is_a?(Symbol)
+          obj
+        elsif obj.nil?
+          nil
+        elsif obj.respond_to?(:to_sym)
+          obj.to_sym
+        else
+          raise MalformedPDFError, "Unable to cast to symbol"
+        end
+      end
+    end
+  end
+end
+