Skip to content

Commit

Permalink
Account for inline images in formatContent() (#693)
Browse files Browse the repository at this point in the history
* Account for inline image data in formatContent()

`formatContent()` now accounts for inline image `BI ... ID ... EI` commands in document streams.

* Include BI command in the regexp

Include the `BI` command in the regexp, and move inline image detection after string replacement to prevent false-positives.

* Add PCRE dotall modifier

Add the /s modifier so the `.` token matches newlines as well. Thanks to @iGrog for supplying another PDF that demonstrated this issue. Add the same modifier for dictionaries as well, fixing this oversight.

Move the inline image replacement before string replacement. Parentheses in binary image data may be interpreted as the start of a string.

Move the inline images test to its own function and add a newline to the sample data to test for the dotall modifier change.

* More robust check for BI within strings

`BI` "commands" within strings should not be parsed as the beginning of inline image blocks. Detect if the `BI` we found is inside a (string) and if it is, note the offset and move past it for the next match.

* Bump search offset if no Height or Width found

In the case where a valid inline image dictionary isn't found, or if the dictionary doesn't include the required parameters Height and Width, also bump the search offset forward by the current match position so we don't fall into a loop here.

* Add "Step X:" to comments in formatContent()

Add "Step X:" to the comments to better define what the inline image replacement code is doing.

Small adjustment to the balanced parentheses regexp to also exclude open parenthesis '(' from the matching. This will ensure replacing balanced parentheses from the innermost to the outermost.

---------

Co-authored-by: Konrad Abicht <[email protected]>
  • Loading branch information
GreyWyvern and k00ni authored May 13, 2024
1 parent 14adf31 commit a19d555
Show file tree
Hide file tree
Showing 2 changed files with 108 additions and 1 deletion.
72 changes: 71 additions & 1 deletion src/Smalot/PdfParser/PDFObject.php
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,66 @@ private function formatContent(?string $content): string
return '';
}

// Find all inline image content and replace them so they aren't
// affected by the next steps
$pdfInlineImages = [];
$offsetBI = 0;
while (preg_match('/\sBI\s(\/.+?)\sID\s(.+?)\sEI(?=\s|$)/s', $content, $text, \PREG_OFFSET_CAPTURE, $offsetBI)) {
// Attempt to detemine if this instance of the 'BI' command
// actually occured within a (string) using the following
// steps:

// Step 1: Remove any escaped parentheses from the alleged
// image characteristics data
$para = str_replace(['\\(', '\\)'], '', $text[1][0]);

// Step 2: Remove all correctly ordered and balanced
// parentheses from (strings)
do {
$paraTest = $para;
$para = preg_replace('/\(([^()]*)\)/', '$1', $paraTest);
} while ($para != $paraTest);

$paraOpen = strpos($para, '(');
$paraClose = strpos($para, ')');

// Check: If the remaining text contains a close parenthesis
// ')' AND it occurs before any open parenthesis, then we
// are almost certain to be inside a (string)
if (0 < $paraClose && (false === $paraOpen || $paraClose < $paraOpen)) {
// Bump the search offset forward and match again
$offsetBI = (int) $text[1][1];
continue;
}

// Step 3: Double check that this is actually inline image
// data by parsing the alleged image characteristics as a
// dictionary
$dict = $this->parseDictionary('<<'.$text[1][0].'>>');

// Check if an image Width and Height are set in the dict
if ((isset($dict['W']) || isset($dict['Width']))
&& (isset($dict['H']) || isset($dict['Height']))) {
$id = uniqid('IMAGE_', true);
$pdfInlineImages[$id] = [
preg_replace(['/\r\n/', '/\r/', '/\n/'], ' ', $text[1][0]),
preg_replace(['/\r\n/', '/\r/', '/\n/'], '', $text[2][0]),
];
$content = preg_replace(
'/'.preg_quote($text[0][0], '/').'/',
'^^^'.$id.'^^^',
$content,
1
);
} else {
// If there was no valid dictionary, or a height and width
// weren't specified, then we don't know what this is, so
// just leave it alone; bump the search offset forward and
// match again
$offsetBI = (int) $text[1][1];
}
}

// Find all strings () and replace them so they aren't affected
// by the next steps
$pdfstrings = [];
Expand Down Expand Up @@ -278,7 +338,7 @@ private function formatContent(?string $content): string
// Find all dictionary << >> commands and replace them so they
// aren't affected by the next steps
$dictstore = [];
while (preg_match('/(<<.*?>> *)(BDC|BMC|DP|MP)/', $content, $dicttext)) {
while (preg_match('/(<<.*?>> *)(BDC|BMC|DP|MP)/s', $content, $dicttext)) {
$dictid = uniqid('DICT_', true);
$dictstore[$dictid] = $dicttext[1];
$content = preg_replace(
Expand Down Expand Up @@ -337,6 +397,16 @@ private function formatContent(?string $content): string
$content = str_replace('@@@'.$id.'@@@', $text, $content);
}

// Restore the original content of any inline images
$pdfInlineImages = array_reverse($pdfInlineImages, true);
foreach ($pdfInlineImages as $id => $image) {
$content = str_replace(
'^^^'.$id.'^^^',
"\r\nBI\r\n".$image[0]." ID\r\n".$image[1]." EI\r\n",
$content
);
}

$content = trim(preg_replace(['/(\r\n){2,}/', '/\r\n +/'], "\r\n", $content));

return $content;
Expand Down
37 changes: 37 additions & 0 deletions tests/PHPUnit/Integration/PDFObjectTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -293,6 +293,43 @@ public function testFormatContent(): void
$this->assertEquals('', $cleaned);
}

/**
* Check that inline image data does not corrupt the stream
*
* @see: https://github.com/smalot/pdfparser/issues/691
*/
public function testFormatContentInlineImages(): void
{
$formatContent = new \ReflectionMethod('Smalot\PdfParser\PDFObject', 'formatContent');
$formatContent->setAccessible(true);

$cleaned = $formatContent->invoke(
$this->getPdfObjectInstance(new Document()),
'BT (This BI /W 258 /H 51 /should not trigger /as a /PDF command) TD ET q 65.30 0 0 18.00 412 707 cm BI /W 544 /H 150
/BPC 1 /IM true /F [/A85 /Fl] ID Gb"0F_$L6!$j/a\$:ma&h\'JnJJ9S?O_EA-W+%D^ClCH=FP3s5M-gStQm\'5/hc`C?<Q)riWgtEe:Po0dY_-er6$jM@#?n`E+#(sa"0Gk3&K>CqL(^pV$_-er6Ik`"-1]Q ;~> EI Q /F002 10.00 Tf 0.00 Tw 0 g'
);

// PdfParser should not be fooled by Q's in inline image data;
// Only one 'Q' command should be found
$commandQ = preg_match_all('/Q\r\n/', $cleaned);
$this->assertEquals(1, $commandQ);

// The 'BI' inside a string should not be interpreted as the
// beginning of an inline image command
$this->assertStringContainsString('(This BI /W 258 /H 51 /should not trigger /as a /PDF command) TD', $cleaned);

$cleaned = $formatContent->invoke(
$this->getPdfObjectInstance(new Document()),
'BT (This BI /W 258 /H 51 /should not () \) trigger /as a /PDF command) TD (There is no ID inline image in this data) TD (Nothing but text EI should be found) TD ET'
);

$this->assertEquals('BT'."\r\n".
'(This BI /W 258 /H 51 /should not () \) trigger /as a /PDF command) TD'."\r\n".
'(There is no ID inline image in this data) TD'."\r\n".
'(Nothing but text EI should be found) TD'."\r\n".
'ET', $cleaned);
}

public function testGetSectionsText(): void
{
$content = '/Shape <</MCID 1 >>BDC
Expand Down

0 comments on commit a19d555

Please sign in to comment.