From 6a63b1366e7e8db8a0cef0931e69d11de04fa55c Mon Sep 17 00:00:00 2001 From: m32 Date: Tue, 19 Dec 2023 14:50:22 +0100 Subject: [PATCH] #157 - vulnerability in used pypdf --- endesive/__init__.py | 2 +- endesive/pdf/PyPDF2/pdf.py | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/endesive/__init__.py b/endesive/__init__.py index d535ca9..bacf1c6 100644 --- a/endesive/__init__.py +++ b/endesive/__init__.py @@ -2,6 +2,6 @@ __author__ = 'Grzegorz Makarewicz' __license__ = 'MIT' -__version__ = '2.16' +__version__ = '2.16.1' __all__ = [__author__, __license__, __version__] diff --git a/endesive/pdf/PyPDF2/pdf.py b/endesive/pdf/PyPDF2/pdf.py index c72765a..7720a11 100644 --- a/endesive/pdf/PyPDF2/pdf.py +++ b/endesive/pdf/PyPDF2/pdf.py @@ -2000,7 +2000,7 @@ def _pairs(self, array): def readNextEndLine(self, stream): debug = False if debug: print(">>readNextEndLine") - line = b_("") + line_parts = [] while True: # Prevent infinite loops in malformed PDFs if stream.tell() == 0: @@ -2027,10 +2027,10 @@ def readNextEndLine(self, stream): break else: if debug: print(" x is neither") - line = x + line - if debug: print((" RNEL line:", line)) + line_parts.append(x) if debug: print("leaving RNEL") - return line + line_parts.reverse() + return b"".join(line_parts) def decrypt(self, password): """