I would like to know if there are dangerous safety/security issues when a application is designed to call a command-line utility that opens a PDF file and 开发者_StackOverflow社区yields some information in text files or images.
OS command injection comes to mind. If the user is able to control part of the command line (e.g. "AcroRd32.exe file.pdf") If the attacker can control the name of the file, then you have to add strong white-list validation, so that "AcroRd32.exe file.pdf && format C: && rem .pdf" cannot be injected for example
Yes, calling a command line utility presents extra security concerns: Your application is now only as secure as the command line utility.
As an example, if there is a buffer overflow in the utility, then an attacher might be able to exploit it via your application.
No-one yet seems to have mentioned the most obvious attack. If I know you're calling an application (eg) 'c:\program files\acrord32.exe', then I can replace that with a malware executable and wait for something to call it.
Having said that though, if I have access to the operating system to make a change like this, then all bets are off. I could just as easily run the malware, install a key logger, etc etc.
If however the system is fairly protected from alteration and your users are remotely using this application (such as a web app?) then you can help protect exploits like this by using a known and trusted version of the executable, and generating/checking an md5 sum of the executable before using it. This helps ensure that the program has not been modified/replaced
The main security vulnerability related to doing so: Path Manipulation.
(The other posters all raise valid security issues with PDF files)
PDF files are well know carriers of back-door access to systems. BUT it is the program that reads the file that is actually attacking your system, using the instructions that it finds in the PDF file.
So if you're using AcroRd32.exe, or any other know insecure .exe to 'yield(s) some information in text files or images.' then you're still allowing the malicious code in the PDF file to be executed.
If you can use a true text-parsing system to extract the data, then there is no mechanism that can provide a path for malicious code execution. I know there are extensions to the perl language used for parsing text out of PDF files, AND there probably many others.
I hope this helps.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论