summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTor Lillqvist <tml@collabora.com>2015-02-24 17:39:29 +0200
committerTor Lillqvist <tml@collabora.com>2015-02-24 18:02:13 +0200
commitca2d878659400b783ae72267f47d0c719b50a1ad (patch)
tree7161c0143a8973a9fe351cbb4dab3f2ed6327e16
parent4702f6ae2f671ac48e4cae3cd46d5941d021e533 (diff)
tdf#84881: Bump MAX_SIGNATURE_CONTENT_LENGTH to 50000 for now
Note that checks in the code against exceeding that limit apparently are broken, though. After the previous change I ended up with an invalid PDF where the signature hex string in the output PDF had brutally overrun its allocation. Now Adobe Reader says "The signature includes an embedded timestamp but it could not be verified". This is progress. Perhaps I just need to tell Adobe Reader to trust the certificate from the TSA I used. Change-Id: I1e8644ee641592a985e0190b52bf76839f99b3e7
-rw-r--r--vcl/source/gdi/pdfwriter_impl.cxx12
1 files changed, 11 insertions, 1 deletions
diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx
index 94183bd28538..e1b6e7aef549 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -108,7 +108,17 @@ using namespace vcl;
// Is this length truly the maximum possible, or just a number that
// seemed large enough when the author tested this (with some type of
// certificates)? I suspect the latter.
-#define MAX_SIGNATURE_CONTENT_LENGTH 0x4000
+
+// Used to be 0x4000 = 16384, but a sample signed PDF (produced by
+// some other software) provided by the customer has a signature
+// content that is 30000 bytes. The SampleSignedPDFDocument.pdf from
+// Adobe has one that is 21942 bytes. So let's be careful. Pity this
+// can't be dynamic, at least not without restructuring the code. Also
+// note that the checks in the code for this being too small
+// apparently are broken, if this overflows you end up with an invalid
+// PDF. Need to fix that.
+
+#define MAX_SIGNATURE_CONTENT_LENGTH 50000
#endif
#ifdef DO_TEST_PDF