From b073d46c6a766606f727ca715fd2877e6e412b88 Mon Sep 17 00:00:00 2001 From: Yury Delendik Date: Mon, 22 Sep 2014 16:32:09 -0500 Subject: [PATCH] PDF.js version 1.0.624 --- bower.json | 2 +- build/pdf.combined.js | 34 +++++++++++++++++++++++++++------- build/pdf.js | 4 ++-- build/pdf.worker.js | 34 +++++++++++++++++++++++++++------- package.json | 2 +- 5 files changed, 58 insertions(+), 18 deletions(-) diff --git a/bower.json b/bower.json index 1465ca09c..137a11be7 100644 --- a/bower.json +++ b/bower.json @@ -1,6 +1,6 @@ { "name": "pdfjs-dist", - "version": "1.0.622", + "version": "1.0.624", "keywords": [ "Mozilla", "pdf", diff --git a/build/pdf.combined.js b/build/pdf.combined.js index b38915b1c..734cc1d36 100644 --- a/build/pdf.combined.js +++ b/build/pdf.combined.js @@ -22,8 +22,8 @@ if (typeof PDFJS === 'undefined') { (typeof window !== 'undefined' ? window : this).PDFJS = {}; } -PDFJS.version = '1.0.622'; -PDFJS.build = '86d06d6'; +PDFJS.version = '1.0.624'; +PDFJS.build = '13f1a96'; (function pdfjsWrapper() { // Use strict in our context only - users might not want it @@ -13061,8 +13061,18 @@ var AES128Cipher = (function AES128CipherClosure() { if (finalize) { // undo a padding that is described in RFC 2898 var lastBlock = result[result.length - 1]; - outputLength -= lastBlock[15]; - result[result.length - 1] = lastBlock.subarray(0, 16 - lastBlock[15]); + var psLen = lastBlock[15]; + if (psLen <= 16) { + for (i = 15, ii = 16 - psLen; i >= ii; --i) { + if (lastBlock[i] !== psLen) { + // Invalid padding, assume that the block has no padding. + psLen = 0; + break; + } + } + outputLength -= psLen; + result[result.length - 1] = lastBlock.subarray(0, 16 - psLen); + } } var output = new Uint8Array(outputLength); for (i = 0, j = 0, ii = result.length; i < ii; ++i, j += 16) { @@ -13477,7 +13487,7 @@ var AES256Cipher = (function AES256CipherClosure() { if (bufferLength < 16) { continue; } - // buffer is full, encrypting + // buffer is full, decrypting var plain = decrypt256(buffer, this.key); // xor-ing the IV vector to get plain text for (j = 0; j < 16; ++j) { @@ -13500,8 +13510,18 @@ var AES256Cipher = (function AES256CipherClosure() { if (finalize) { // undo a padding that is described in RFC 2898 var lastBlock = result[result.length - 1]; - outputLength -= lastBlock[15]; - result[result.length - 1] = lastBlock.subarray(0, 16 - lastBlock[15]); + var psLen = lastBlock[15]; + if (psLen <= 16) { + for (i = 15, ii = 16 - psLen; i >= ii; --i) { + if (lastBlock[i] !== psLen) { + // Invalid padding, assume that the block has no padding. + psLen = 0; + break; + } + } + outputLength -= psLen; + result[result.length - 1] = lastBlock.subarray(0, 16 - psLen); + } } var output = new Uint8Array(outputLength); for (i = 0, j = 0, ii = result.length; i < ii; ++i, j += 16) { diff --git a/build/pdf.js b/build/pdf.js index 7c6532858..d927d7755 100644 --- a/build/pdf.js +++ b/build/pdf.js @@ -22,8 +22,8 @@ if (typeof PDFJS === 'undefined') { (typeof window !== 'undefined' ? window : this).PDFJS = {}; } -PDFJS.version = '1.0.622'; -PDFJS.build = '86d06d6'; +PDFJS.version = '1.0.624'; +PDFJS.build = '13f1a96'; (function pdfjsWrapper() { // Use strict in our context only - users might not want it diff --git a/build/pdf.worker.js b/build/pdf.worker.js index b5acb8388..5f38cc74d 100644 --- a/build/pdf.worker.js +++ b/build/pdf.worker.js @@ -22,8 +22,8 @@ if (typeof PDFJS === 'undefined') { (typeof window !== 'undefined' ? window : this).PDFJS = {}; } -PDFJS.version = '1.0.622'; -PDFJS.build = '86d06d6'; +PDFJS.version = '1.0.624'; +PDFJS.build = '13f1a96'; (function pdfjsWrapper() { // Use strict in our context only - users might not want it @@ -8204,8 +8204,18 @@ var AES128Cipher = (function AES128CipherClosure() { if (finalize) { // undo a padding that is described in RFC 2898 var lastBlock = result[result.length - 1]; - outputLength -= lastBlock[15]; - result[result.length - 1] = lastBlock.subarray(0, 16 - lastBlock[15]); + var psLen = lastBlock[15]; + if (psLen <= 16) { + for (i = 15, ii = 16 - psLen; i >= ii; --i) { + if (lastBlock[i] !== psLen) { + // Invalid padding, assume that the block has no padding. + psLen = 0; + break; + } + } + outputLength -= psLen; + result[result.length - 1] = lastBlock.subarray(0, 16 - psLen); + } } var output = new Uint8Array(outputLength); for (i = 0, j = 0, ii = result.length; i < ii; ++i, j += 16) { @@ -8620,7 +8630,7 @@ var AES256Cipher = (function AES256CipherClosure() { if (bufferLength < 16) { continue; } - // buffer is full, encrypting + // buffer is full, decrypting var plain = decrypt256(buffer, this.key); // xor-ing the IV vector to get plain text for (j = 0; j < 16; ++j) { @@ -8643,8 +8653,18 @@ var AES256Cipher = (function AES256CipherClosure() { if (finalize) { // undo a padding that is described in RFC 2898 var lastBlock = result[result.length - 1]; - outputLength -= lastBlock[15]; - result[result.length - 1] = lastBlock.subarray(0, 16 - lastBlock[15]); + var psLen = lastBlock[15]; + if (psLen <= 16) { + for (i = 15, ii = 16 - psLen; i >= ii; --i) { + if (lastBlock[i] !== psLen) { + // Invalid padding, assume that the block has no padding. + psLen = 0; + break; + } + } + outputLength -= psLen; + result[result.length - 1] = lastBlock.subarray(0, 16 - psLen); + } } var output = new Uint8Array(outputLength); for (i = 0, j = 0, ii = result.length; i < ii; ++i, j += 16) { diff --git a/package.json b/package.json index 6dbd4b998..f2b90d182 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "pdfjs-dist", - "version": "1.0.622", + "version": "1.0.624", "description": "Generic build of Mozilla's PDF.js library.", "keywords": [ "Mozilla",