From 7daeccdfead063fccd26efcadd70678c1236dc2f Mon Sep 17 00:00:00 2001
From: deeplow
Date: Mon, 2 Oct 2023 11:22:04 +0100
Subject: [PATCH] Prevent PDF from overwriting num_pages in Qubes
This should only affect the alpha version of Qubes OS (in containers it only allows the attacker to control the timeout). In short, an attacker could have PDF metadata that would show before "Pages:" in the `pdfinfo` command output and this would essentially override the number of pages measured in the server. This could enable the attacker to shorten the number of pages of a document for example.
Fixes #565
---
 dangerzone/conversion/doc_to_pixels.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dangerzone/conversion/doc_to_pixels.py b/dangerzone/conversion/doc_to_pixels.py
index 38f1615..48f301d 100644
--- a/dangerzone/conversion/doc_to_pixels.py
+++ b/dangerzone/conversion/doc_to_pixels.py
@@ -254,7 +254,7 @@ class DocumentToPixels(DangerzoneConverter):
 timeout=timeout,
 )

- search = re.search(r"Pages:\s*(\d+)\s*\n", stdout.decode())
+ search = re.search(r"^Pages:\s*(\d+)\s*\n", stdout.decode(), re.MULTILINE)
 if search is not None:
 num_pages: int = int(search.group(1))
 else:
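Review bot: The anchored `re.search` on the added line still accepts the first line that begins with `Pages:`, so the page count is trustworthy only if pdfinfo never emits a line break inside a metadata value; nothing in this hunk shows that, and it should be confirmed against the pdfinfo version shipped in the sandbox. A stricter parse would collect every candidate with `matches = re.findall(r"^Pages:\s*(\d+)\s*\n", stdout.decode(), re.MULTILINE)` and treat anything other than exactly one match as a conversion error instead of picking one. A short comment above the call, for example `# pdfinfo prints document-controlled metadata; only a line-initial "Pages:" field may set num_pages`, would keep the anchor from being dropped in a later cleanup. The commit touches one file and adds no regression test for #565, so a test feeding pdfinfo-style output with a metadata line containing "Pages:" would pin the fix. The enclosing method begins and ends outside the hunk, so how the `else:` branch handles a missing match is not visible here.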