Add support for ObjectStream in PDF

ObjectStream isn't necessarely malicious, but can be. This patch could
be improved by unpacking the content of the stream, but it requires 3rd
party libraries we don't have for now.

Final fix for PCL-01-002
pull/17/merge
Raphaël Vinot 2017-06-19 11:24:47 +02:00
parent 7d38ec3d32
commit 079e8d30a3
1 changed files with 2 additions and 0 deletions

View File

@ -407,6 +407,8 @@ class File(FileBase):
self.make_dangerous('Pdf with launch action(s)') self.make_dangerous('Pdf with launch action(s)')
if oPDFiD.xfa.count > 0: if oPDFiD.xfa.count > 0:
self.make_dangerous('Pdf with XFA structures') self.make_dangerous('Pdf with XFA structures')
if oPDFiD.objstm.count > 0:
self.make_dangerous('Pdf with ObjectStream structures')
if not self.is_dangerous: if not self.is_dangerous:
self.add_description('Pdf file') self.add_description('Pdf file')