Package: qpdf
Version: 5.1.2-2
Severity: minor

Dear Maintainer,

When a PDF is produced that contains malformed metadata, qpdf chokes
on it when trying to encrypt it with an error like:

  (file position 16068): unknown token while reading object (CatB)

You may not regard this as a bug.  Feel free to disregard.  But I
should point out that pdftk can encrypt the same file without issues,
so it is at least possible for qpdf to be more forgiving, FWIW.

This example script demonstrates:

====8<----------------------------------------
#!/bin/bash

# This script demonstrates how to break qpdf by generating a PDF with
# (bad?) metadata.  It's a self-contained example requiring no input
# files - only tools.  These are the steps:
#
#   1) auto-generate a PDF file with some dummy text, such that the
#      "keywords" field in the metadata is malformed.
#   2) show that qpdf errors:
#      (file position 16068): unknown token while reading object (CatB)
#   3) show that pdftk can encrypt the same document without trouble.
#
# Tools required:
#
#   * LaTeX
#   * qpdf
#   * pdftk (optional)

################################################################################
#   1) auto-generate a PDF file with some dummy text
################################################################################

# mktemp replaces tempfile, which debianutils has deprecated
latex_fn="$(mktemp --tmpdir doc_XXXXXX.tex)"

latex_doc() {
    printf %s '
\documentclass[pdftex]{article}
\usepackage{lipsum}

% notice that /keywords/ is not using parentheses to delimit the
% content (which is incorrect, but pdflatex accepts this anyway and
% produces a usable document although without keywords).

\pdfinfo{
   /Author (Eric S. Raymond)
   /Subject (Musings on Linux and Open Source by an Accidental Revolutionary)
   /Title (The Cathedral and the Bazaar)
   /Keywords CatB
}

\begin{document}
\lipsum[2]
\end{document}
'
}

latex_doc >"$latex_fn"

pushd "$(dirname "$latex_fn")"

pdflatex "$latex_fn"

# swap only the trailing .tex suffix, not every ".tex" in the path
pdf_fn="${latex_fn%.tex}.pdf"

################################################################################
#   2) qpdf errors and produces a zero size file
################################################################################

qpdf --encrypt foo foo 40 -- "$pdf_fn" qpdf_rc4.pdf

################################################################################
#   3) the equivalent pdftk operation produces a usable file in /tmp/
################################################################################

pdftk "$pdf_fn" cat output pdftk_rc4.pdf allow AllFeatures user_pw foo

popd
====8<----------------------------------------

BTW, I appreciate your feedback on my previous 2 bug reports regarding
encryption.  I'm sorry that they turned out to be false alarms.

-- System Information:
Debian Release: 8.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages qpdf depends on:
ii  libc6       2.19-18+deb8u1
ii  libgcc1     1:4.9.2-10
ii  libpcre3    2:8.35-3.3
ii  libqpdf13   5.1.2-2
ii  libstdc++6  4.9.2-10
ii  zlib1g      1:1.2.8.dfsg-2+b1

qpdf recommends no packages.

qpdf suggests no packages.

-- no debconf information
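
Added example (not part of the original report, and not qpdf's own parser): a small Python scanner that finds the kind of bare token the report describes, such as the unparenthesized CatB after /Keywords, in the bytes of a PDF dictionary. It goes beyond the one case in the report by accepting the other PDF value kinds; the function names and the SAMPLE dictionary are constructed for illustration.

```python
import re
WS = b"\x00\t\n\x0c\r "          # PDF whitespace characters
DELIMS = b"()<>[]{}/%"           # PDF delimiter characters
NUMBER = re.compile(rb"[+-]?(\d+\.?\d*|\.\d+)")
KEYWORDS = {b"true", b"false", b"null", b"R"}   # R closes an indirect reference

def tokens(buf):
    """Yield (offset, token) pairs from the bytes of a PDF dictionary."""
    i, n = 0, len(buf)
    while i < n:
        c = buf[i:i + 1]
        if c in WS:
            i += 1
            continue
        start = i
        if c == b"(":                    # literal string: nested parens, \ escapes
            depth = 0
            while i < n:
                ch = buf[i:i + 1]
                depth += (ch == b"(") - (ch == b")")
                i += 2 if ch == b"\\" else 1   # a backslash also skips the next byte
                if depth == 0:
                    break
        elif buf[i:i + 2] in (b"<<", b">>"):
            i += 2
        elif c == b"<":                  # hex string
            i = buf.find(b">", i) + 1 or n
        elif c in b"[]":
            i += 1
        else:                            # name, number, keyword or bare word
            i += 1
            while i < n and buf[i:i + 1] not in WS + DELIMS:
                i += 1
        yield start, buf[start:i]

def unknown_tokens(buf):
    """Return (offset, preceding key, token) for tokens that are no PDF object."""
    bad, key = [], None
    for off, tok in tokens(buf):
        if tok[:1] == b"/":
            key = tok.decode("latin-1")
        elif not (tok[:1] in (b"(", b"<", b"[", b"]") or tok == b">>"
                  or tok in KEYWORDS or NUMBER.fullmatch(tok)):
            bad.append((off, key, tok.decode("latin-1")))
    return bad

# Constructed sample dictionary, not the bytes pdflatex actually writes.
SAMPLE = (b"<< /Author (Eric S. Raymond) /Title (The Cathedral and the Bazaar)\n"
          b"/Keywords CatB /Trapped /False >>")
print(unknown_tokens(SAMPLE))
```

With /Keywords (CatB) in place of /Keywords CatB the same call returns an empty list.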
