How FineReader Engine handle malicious PDF files, containing (attachments with) virus or malware

Question

How we handle malicious PDF files, containing (attachments with) viruses or malware. Could you explain what happens or could happen with these sorts of files when opened/processed in FineReader Engine?

Answer

FineReader Engine uses 3rd party software Adobe PDF Library technology for opening PDF files. We have received the following information from Adobe about how it works with PDF files: 

  1. The content of an image in APDFL is always treated simply as data. It is never executed.
  2. Buffer overruns are looked for, detected, and disallowed throughout, so there should be no possibility of overlaying code with buffer data. The code was created thoughtfully, with such lines of attack considered.
  3. Encodings that are not valid will cause the decode to stop, and raise an error condition, internal to APDFL. In some instances, these will raise an exception back to the user. In others, they are caught internally, and the image data up to the point of the error is used, with the remainder of the image padded with NULL bytes.

According to this information, APDFL is safe from viral attacks. At the same time, we are not providing a written guarantee against all future attacks. 

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.