← Back to team overview

desktop-packages team mailing list archive

[Bug 1085526]

 

I don't think NSS should be mandatory. It is not required for rendering
PDFs.  configure/cmake should include NSS in the "building poppler with
support for" summary.

>  byte_range->arrayGet(1, &r2);
>  byte_range->arrayGet(2, &r3);
>  byte_range->arrayGet(3, &r4);
>
>  unsigned int signed_data_len = r2.getInt()+r4.getInt();
>  unsigned char *to_check = (unsigned char *)gmalloc(signed_data_len);
>
>  //Read the 2 slices of data that are signed
>  doc->getBaseStream()->setPos(0);
>  doc->getBaseStream()->doGetChars(r2.getInt(), to_check);
>  doc->getBaseStream()->setPos(r3.getInt());
>  doc->getBaseStream()->doGetChars(r4.getInt(), to_check+r2.getInt());

This does not support large files (> 2GB). The code should check if the
objects in byte_range are int64 and use the Goffset type for setting
file offsets.

It would be better to process the range in chunks instead of reading the
entire range into a buffer. We don't know how big the range could be and
it is not necessary to read it all at once as
HASH_Begin/HASH_Update/HASH_End can be used to process it in chunks.

I would prefer it if all the NSS includes were only included in the .cc
files similar to what we do with the image formats (JPEG2000Stream.h,
JpegWriter.h etc). It speeds up compilation, avoids clashes with other
include files, and makes it easier to replace NSS and/or support other
security libraries if we choose to do so in future.

The pdfsigutil utility doesn't seem to do much. Unless there are plans
to add a lot of extra options and functionality would it be better to
add an option to pdfinfo to check signatures instead of adding a new
util?

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evince in Ubuntu.
https://bugs.launchpad.net/bugs/1085526

Title:
  ubuntu pdf doc viewer will not let me sign a document

Status in Poppler:
  Confirmed
Status in evince package in Ubuntu:
  Triaged

Bug description:
  Just updated in last few weeks, i think ubuntu 12.4

  To sign the document i have to send it to my neighbors windows
  computer, open it, sign it, then send it, then I get a note from echo
  sign that the document was sent with my signature.

  ProblemType: Bug
  DistroRelease: Ubuntu 11.10
  Package: evince 3.2.1-0ubuntu2.3
  ProcVersionSignature: Ubuntu 3.0.0-27.44-generic 3.0.45
  Uname: Linux 3.0.0-27-generic i686
  ApportVersion: 1.23-0ubuntu4
  Architecture: i386
  Date: Fri Nov 30 18:13:25 2012
  ExecutablePath: /usr/bin/evince
  InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release i386 (20110427.1)
  ProcEnviron:
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: evince
  UpgradeStatus: Upgraded to oneiric on 2012-11-18 (12 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/poppler/+bug/1085526/+subscriptions