jedarden/pdftract
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
pdftract/crates/pdftract-core/examples/test_resolve.rs
jedarden c7acac5d1f feat(pdftract-4li3d): implement security constraints for serve mode 
- Add startup banner with NO AUTH warning
- Add --max-decompress-gb CLI flag (default 1 GB)
- Add hard cap for --max-upload-mb at 4096 MB (4 GiB)
- Add max_decompress_gb form field parsing
- Update CLI help text with security model documentation
- Add comprehensive security model docs to serve.rs rustdoc

This implements the security constraints required by the bead:
- No built-in authentication (deploy behind reverse proxy)
- No file-path parameters (multipart upload only)
- Hard caps to prevent integer overflow
- Visible security warnings at startup

Closes: pdftract-4li3d
2026-05-26 18:47:51 -04:00

57 lines
2.1 KiB
Rust
Raw Blame History

use pdftract_core::parser::object::ObjectParser;
use pdftract_core::parser::stream::{MemorySource, PdfSource};
use pdftract_core::parser::xref;
fn main() {
let path = "tests/fixtures/tagged-suspects-false.pdf";
let mut file = std::fs::File::open(path).unwrap();
let mut buffer = Vec::new();
std::io::Read::read_to_end(&mut file, &mut buffer).unwrap();
// Find startxref
let search_bytes = &buffer[buffer.len().saturating_sub(1024)..];
let pos = search_bytes
.windows(9)
.rposition(|w| w == b"startxref")
.unwrap();
let start = buffer.len().saturating_sub(1024) + pos + 9;
// Skip whitespace
let mut offset_start = start;
while offset_start < buffer.len() && buffer[offset_start].is_ascii_whitespace() {
offset_start += 1;
}
let mut offset_end = offset_start;
while offset_end < buffer.len() && buffer[offset_end].is_ascii_digit() {
offset_end += 1;
}
let offset_str = std::str::from_utf8(&buffer[offset_start..offset_end]).unwrap();
let start_offset: u64 = offset_str.parse().unwrap();
let source = MemorySource::new(buffer);
let xref_section = xref::load_xref_with_prev_chain(&source, start_offset);
// Check object 1 specifically
if let Some(entry) = xref_section.entries.get(&1) {
if let xref::XrefEntry::InUse { offset, gen_nr } = entry {
println!("Object 1: offset={}, gen={}", offset, gen_nr);
// Read the object at that offset
let obj_bytes = source.read_at(*offset, 200).expect("Failed to read object");
let obj_str = std::str::from_utf8(&obj_bytes).expect("Invalid UTF-8");
println!("Object content (first 200 bytes): {:?}", obj_str);
// Try parsing the object
let mut parser = ObjectParser::new(&obj_bytes);
if let Some(obj) = parser.parse_direct_object() {
println!("Parsed object: {:?}", obj);
} else {
println!("Failed to parse object");
println!("Diagnostics: {:?}", parser.take_diagnostics());
}
}
}
}
Reference in a new issue View git blame Copy permalink