| 2023-10-19 11:28:13 |
Jay Berkenbilt |
bug |
|
|
added bug |
| 2023-10-19 11:28:13 |
Jay Berkenbilt |
attachment added |
|
qpdf-11.3.0-1ubuntu1.debdiff https://bugs.launchpad.net/bugs/2039804/+attachment/5711201/+files/qpdf-11.3.0-1ubuntu1.debdiff |
|
| 2023-10-19 11:29:19 |
Jay Berkenbilt |
attachment added |
|
qpdf-11.5.0-1ubuntu1.debdiff https://bugs.launchpad.net/ubuntu/+source/qpdf/+bug/2039804/+attachment/5711202/+files/qpdf-11.5.0-1ubuntu1.debdiff |
|
| 2023-10-19 11:31:02 |
Jay Berkenbilt |
bug |
|
|
added subscriber Ubuntu Sponsors |
| 2023-10-19 11:32:54 |
Jay Berkenbilt |
summary |
qpdf: data loss bug affecting versions 11.0.0 through 11.6.2 |
SRU request: qpdf: data loss bug affecting versions 11.0.0 through 11.6.2 |
|
| 2023-10-19 14:20:34 |
Till Kamppeter |
nominated for series |
|
Ubuntu Mantic |
|
| 2023-10-19 14:20:34 |
Till Kamppeter |
bug task added |
|
qpdf (Ubuntu Mantic) |
|
| 2023-10-19 14:20:34 |
Till Kamppeter |
nominated for series |
|
Ubuntu Lunar |
|
| 2023-10-19 14:20:34 |
Till Kamppeter |
bug task added |
|
qpdf (Ubuntu Lunar) |
|
| 2023-10-19 14:20:50 |
Till Kamppeter |
qpdf (Ubuntu Lunar): importance |
Undecided |
High |
|
| 2023-10-19 14:20:52 |
Till Kamppeter |
qpdf (Ubuntu Mantic): importance |
Undecided |
High |
|
| 2023-10-19 14:22:13 |
Till Kamppeter |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2023-10-19 14:34:10 |
Till Kamppeter |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054158 |
|
| 2023-10-19 14:34:10 |
Till Kamppeter |
bug task added |
|
qpdf |
|
| 2023-10-19 14:34:49 |
Till Kamppeter |
bug task deleted |
qpdf |
|
|
| 2023-10-19 14:34:58 |
Till Kamppeter |
bug watch added |
|
https://github.com/qpdf/qpdf/issues/1050 |
|
| 2023-10-19 14:34:58 |
Till Kamppeter |
bug task added |
|
qpdf |
|
| 2023-10-19 15:01:12 |
Bug Watch Updater |
qpdf: status |
Unknown |
Fix Released |
|
| 2023-10-19 15:45:03 |
Ubuntu Archive Robot |
bug |
|
|
added subscriber Till Kamppeter |
| 2023-10-23 15:42:11 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
| 2023-10-23 23:01:47 |
Till Kamppeter |
description |
Notes:
* I am the upstream author and debian maintainer for qpdf.
* This bug has been fixed in debian unstable and testing with version 11.6.3, but because 24.04 is not yet open, it has not synced. This should not block fixing 23.04 and 22.04. I have uploaded 11.6.3 to my ppa: https://launchpad.net/~qpdf/+archive/ubuntu/qpdf
* I am attaching debdiffs for lunar and mantic
Upstream bug https://github.com/qpdf/qpdf/issues/1050 revealed a bug in qpdf's lexical layer that would cause qpdf to discard the character in a binary string following an octal quoted character with 1 or 2 digits. The PDF spec allows octal digits to be \d, \dd, or \ddd, and allows the first two forms if the next character is other than an octal digit. Most PDF writers never use the \d or \dd forms, but some do. With default options, qpdf does not parse or alter strings inside content streams, so this bug is not likely to affect page content. However, binary strings of this sort are common in the document /ID and may also appear in metadata for encrypted files. In some cases, such as the file in #1050, this bug can cause error, in this case, because the discarded character was the string end delimiter. In most case, this bug results in silent data loss. The fix is very small and locally contained. The upstream fix includes several new test cases, but the patch I will include to fix the issue only includes the relevant code change.
I also reported this as a debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054158
It was approved as a stable update by debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054119
[ Impact ]
The bug could result in silent corruption of binary strings in PDF metadata. It could also result in failure of qpdf to process a valid file. Data loss justifies a stable update.
[ Test Plan ]
The test file in https://github.com/qpdf/qpdf/issues/1050 can be used to prove that the bug exists in versions >= 11.0.0 and <= 11.6.2 and that the bug is fixed in 11.6.3.
The upstream fix includes several additional automated test cases. These are not included in the patch, but they are included in the upstream commit that fixes the bug: https://github.com/qpdf/qpdf/commit/1ecc6bb29e24a4f89470ff91b2682b46e0576ad4
[ Where problems could occur ]
This fix has a very low risk of causing a regression. The fix is very localized to qpdf's lexical layer and is in a code path that only occurs when a 1-digit or 2-digit octal quoted character is terminated by other than an octal digit. This is the first bug in qpdf's lexical layer in many years. It was introduced by a pull request from a reliable and consistent contributor who has made may improvements to qpdf's performance. The fix follows the established pattern of how to handle instances in which a character triggers a state change and has to be reprocessed in the new state.
qpdf has a rigorous test suite and an extremely good quality record. It processes millions of documents daily by many commercial entities. My current employer runs millions of pages a day through qpdf.
[ Other Info ]
See also
Upstream bug report: https://github.com/qpdf/qpdf/issues/1050
Corresponding debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054158
Debian stable release approval: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054119 |
Notes:
* I am the upstream author and debian maintainer for qpdf.
* This bug has been fixed in debian unstable and testing with version 11.6.3, but because 24.04 is not yet open, it has not synced. This should not block fixing 23.04 and 22.04. I have uploaded 11.6.3 to my ppa: https://launchpad.net/~qpdf/+archive/ubuntu/qpdf
* I am attaching debdiffs for lunar and mantic
Upstream bug https://github.com/qpdf/qpdf/issues/1050 revealed a bug in qpdf's lexical layer that would cause qpdf to discard the character in a binary string following an octal quoted character with 1 or 2 digits. The PDF spec allows octal digits to be \d, \dd, or \ddd, and allows the first two forms if the next character is other than an octal digit. Most PDF writers never use the \d or \dd forms, but some do. With default options, qpdf does not parse or alter strings inside content streams, so this bug is not likely to affect page content. However, binary strings of this sort are common in the document /ID and may also appear in metadata for encrypted files. In some cases, such as the file in #1050, this bug can cause error, in this case, because the discarded character was the string end delimiter. In most case, this bug results in silent data loss. The fix is very small and locally contained. The upstream fix includes several new test cases, but the patch I will include to fix the issue only includes the relevant code change.
I also reported this as a debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054158
It was approved as a stable update by debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054119
[ Impact ]
The bug could result in silent corruption of binary strings in PDF metadata. It could also result in failure of qpdf to process a valid file. Data loss justifies a stable update.
[ Test Plan ]
The test file in https://github.com/qpdf/qpdf/issues/1050 can be used to prove that the bug exists in versions >= 11.0.0 and <= 11.6.2 and that the bug is fixed in 11.6.3.
The upstream fix includes several additional automated test cases. These are not included in the patch, but they are included in the upstream commit that fixes the bug: https://github.com/qpdf/qpdf/commit/1ecc6bb29e24a4f89470ff91b2682b46e0576ad4
How to test the SRU package on Ubuntu manually (copied from Jay's comment #6 below):
Running `qpdf --check 018.pdf` where `018.pdf` is the file attached to the upstream bug will reproduce the issue. With the current version in 22.04 and 23.04, you will see something like this:
```
WARNING: /tmp/z/018.pdf (xref stream: object 17 1, offset 110340): EOF while reading token
WARNING: /tmp/z/018.pdf (xref stream: object 17 1, offset 110830): unexpected EOF
WARNING: /tmp/z/018.pdf (xref stream: object 17 1, offset 110830): parse error while reading object
WARNING: /tmp/z/018.pdf (xref stream: object 17 1, offset 110830): expected endobj
WARNING: /tmp/z/018.pdf: file is damaged
WARNING: /tmp/z/018.pdf (offset 110267): xref not found
WARNING: /tmp/z/018.pdf: Attempting to reconstruct cross-reference table
qpdf: /tmp/z/018.pdf: unable to find trailer dictionary while recovering damaged file
```
After the fix, you will see
```
checking /home/ejb/Downloads/018.pdf
PDF Version: 1.7
File is not encrypted
File is not linearized
No syntax or stream encoding errors found; the file may still contain
errors that qpdf cannot detect
```
(obviously with the full paths based on whatever you call the file).
[ Where problems could occur ]
This fix has a very low risk of causing a regression. The fix is very localized to qpdf's lexical layer and is in a code path that only occurs when a 1-digit or 2-digit octal quoted character is terminated by other than an octal digit. This is the first bug in qpdf's lexical layer in many years. It was introduced by a pull request from a reliable and consistent contributor who has made may improvements to qpdf's performance. The fix follows the established pattern of how to handle instances in which a character triggers a state change and has to be reprocessed in the new state.
qpdf has a rigorous test suite and an extremely good quality record. It processes millions of documents daily by many commercial entities. My current employer runs millions of pages a day through qpdf.
[ Other Info ]
See also
Upstream bug report: https://github.com/qpdf/qpdf/issues/1050
Corresponding debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054158
Debian stable release approval: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054119 |
|
| 2023-10-24 14:03:28 |
Paride Legovini |
bug task added |
|
qpdf (Debian) |
|
| 2023-10-24 14:03:45 |
Paride Legovini |
qpdf (Ubuntu): status |
New |
Confirmed |
|
| 2023-10-24 14:07:08 |
Paride Legovini |
removed subscriber Ubuntu Sponsors |
|
|
|
| 2023-10-24 15:45:25 |
Ubuntu Archive Robot |
bug |
|
|
added subscriber Paride Legovini |
| 2023-10-25 08:16:42 |
Bug Watch Updater |
qpdf (Debian): status |
Unknown |
Confirmed |
|
| 2023-10-25 10:28:17 |
Robie Basak |
summary |
SRU request: qpdf: data loss bug affecting versions 11.0.0 through 11.6.2 |
Data loss: qpdf discards the character in a binary string following an octal quoted character with 1 or 2 digits |
|
| 2023-10-25 10:35:10 |
Robie Basak |
qpdf (Ubuntu Mantic): status |
New |
Fix Committed |
|
| 2023-10-25 10:35:12 |
Robie Basak |
bug |
|
|
added subscriber SRU Verification |
| 2023-10-25 10:35:21 |
Robie Basak |
tags |
|
verification-needed verification-needed-mantic |
|
| 2023-10-25 10:35:44 |
Robie Basak |
qpdf (Ubuntu Lunar): status |
New |
Fix Committed |
|
| 2023-10-25 10:35:47 |
Robie Basak |
tags |
verification-needed verification-needed-mantic |
verification-needed verification-needed-lunar verification-needed-mantic |
|
| 2023-10-25 11:07:56 |
Robie Basak |
qpdf (Ubuntu): status |
Confirmed |
Triaged |
|
| 2023-10-25 20:34:29 |
Robie Basak |
qpdf (Ubuntu): status |
Triaged |
Fix Committed |
|
| 2023-10-27 22:05:28 |
Till Kamppeter |
tags |
verification-needed verification-needed-lunar verification-needed-mantic |
verification-done verification-done-lunar verification-done-mantic |
|
| 2023-11-06 08:30:03 |
Bug Watch Updater |
qpdf (Debian): status |
Confirmed |
Fix Released |
|
| 2023-11-16 20:40:12 |
Mauricio Faria de Oliveira |
qpdf (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2023-11-16 21:20:33 |
Launchpad Janitor |
qpdf (Ubuntu Mantic): status |
Fix Committed |
Fix Released |
|
| 2023-11-16 21:20:37 |
Andreas Hasenack |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2023-11-16 21:20:51 |
Launchpad Janitor |
qpdf (Ubuntu Lunar): status |
Fix Committed |
Fix Released |
|
