Expose StackDepthGuard via ISeekableTokenScanner so DirectObjectFinder.Get can enforce the nesting depth limit when resolving indirect references and fix #1274

Author: BobLd

src/UglyToad.PdfPig.Tests/Integration/GithubIssuesTests.cs

@@ -11,6 +11,50 @@
 
     public class GithubIssuesTests
     {
+        [Fact]
+        public void Issues1274()
+        {
+            // Minimal PDF with self-referencing object: "1 0 obj 1 0 R"
+            const string pdf = "255044462d312e300a312030206f626a3c3c2f547970652f4361742e300a312030" +
+                               "206f626a2031203020523e22656e646f626a0a322030206f626a3c33203020525d" +
+                               "2f436f756e7420313e3e656e646f626a0a332030206f626a3c3c2f547970652f50" +
+                               "6167652f4d65646961426f785b30143020363132203739325d2f50617265603020" +
+                               "522f5265736f75726365733c3c2f466f6e743cc2c2c2c23030303030206e200a30" +
+                               "302030206e200a36362030c2c2c2c2c2c2c2c2c2c2c2c2c2c2c2c2c2c2c2c2c2" +
+                               "c23c2f46312034203020523e3e3e3e2f436f6e74656e74732035203020523e3e65" +
+                               "6e646f626a0a352030206f626a3c3c2f547970652f466f6e742f53756274797065" +
+                               "2f54797065312f42617365466f6e742f48656c7665746963613e3e656e536f626a" +
+                               "0a352030206f626a3c3c2f4c656e6774682034343e3e73747265616d0a425b5b5b" +
+                               "5b5b5b5b735b5b5b5b7fff30203730302054642028486500006f2920546a204554" +
+                               "0a656e6473747265616d20656e646f626a0a787265660a3020360a303020363535" +
+                               "33352066200a3030203030303030206e200a35382030306e200a30302030206e20" +
+                               "0a36362030206e200a33332030206e200a747261696c65723c3c2f53697a652036" +
+                               "2f526f6f742031203020523e3e0a7374617274787265660a3432370a2525454f46";
+
+            var payload = FromHexString(pdf);
+
+            var options = new ParsingOptions { MaxStackDepth = 256 };
+            using var ms = new MemoryStream(payload);
+            var ex = Assert.Throws<PdfDocumentFormatException>(() => PdfDocument.Open(ms, options));
+            Assert.Equal($"Exceeded maximum nesting depth of {options.MaxStackDepth}.", ex.Message);
+            return;
+
+            static byte[] FromHexString(string hexString)
+            {
+                if (hexString.Length % 2 != 0)
+                {
+                    throw new ArgumentException("Hex string must have an even number of characters.", nameof(hexString));
+                }
+
+                byte[] result = new byte[hexString.Length / 2];
+                for (int i = 0; i < result.Length; i++)
+                {
+                    result[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16);
+                }
+                return result;
+            }
+        }
+
         [Fact]
         public void Issues1250()
         {

src/UglyToad.PdfPig.Tests/Tokens/TestPdfTokenScanner.cs

@@ -8,7 +8,10 @@ namespace UglyToad.PdfPig.Tests.Tokens
 
     internal class TestPdfTokenScanner : IPdfTokenScanner
     {
+        public StackDepthGuard StackDepthGuard => StackDepthGuard.Infinite;
+
         public Dictionary<IndirectReference, ObjectToken> Objects { get; } = new Dictionary<IndirectReference, ObjectToken>();
+     
         public bool MoveNext()
         {
             throw new NotImplementedException();

src/UglyToad.PdfPig.Tokenization/Scanner/CoreTokenScanner.cs

@@ -52,7 +52,8 @@ public class CoreTokenScanner : ISeekableTokenScanner
         /// </remarks>
         private readonly bool isStream;
 
-        private readonly StackDepthGuard stackDepthGuard;
+        /// <inheritdoc/>
+        public StackDepthGuard StackDepthGuard { get; }
 
         /// <summary>
         /// Create a new <see cref="CoreTokenScanner"/> from the input.
@@ -68,10 +69,10 @@ public CoreTokenScanner(
         {
             this.inputBytes = inputBytes ?? throw new ArgumentNullException(nameof(inputBytes));
             this.usePdfDocEncoding = usePdfDocEncoding;
-            this.stackDepthGuard = stackDepthGuard;
+            this.StackDepthGuard = stackDepthGuard;
             this.stringTokenizer = new StringTokenizer(usePdfDocEncoding);
-            this.arrayTokenizer = new ArrayTokenizer(usePdfDocEncoding, this.stackDepthGuard, useLenientParsing);
-            this.dictionaryTokenizer = new DictionaryTokenizer(usePdfDocEncoding, this.stackDepthGuard, useLenientParsing: useLenientParsing);
+            this.arrayTokenizer = new ArrayTokenizer(usePdfDocEncoding, this.StackDepthGuard, useLenientParsing);
+            this.dictionaryTokenizer = new DictionaryTokenizer(usePdfDocEncoding, this.StackDepthGuard, useLenientParsing: useLenientParsing);
             this.scope = scope;
             this.namedDictionaryRequiredKeys = namedDictionaryRequiredKeys;
             this.useLenientParsing = useLenientParsing;
@@ -106,14 +107,14 @@ public void Seek(long position)
         /// <inheritdoc />
         public bool MoveNext()
         {
-            stackDepthGuard.Enter();
+            StackDepthGuard.Enter();
             try
             {
                 return MoveNextInternal();
             }
             finally
             {
-                stackDepthGuard.Exit();
+                StackDepthGuard.Exit();
             }
         }
 
@@ -186,7 +187,7 @@ private bool MoveNextInternal()
                                     && CurrentToken is NameToken name
                                     && namedDictionaryRequiredKeys.TryGetValue(name, out var requiredKeys))
                                 {
-                                    tokenizer = new DictionaryTokenizer(usePdfDocEncoding, stackDepthGuard, requiredKeys, useLenientParsing);
+                                    tokenizer = new DictionaryTokenizer(usePdfDocEncoding, StackDepthGuard, requiredKeys, useLenientParsing);
                                 }
                             }
                             else

src/UglyToad.PdfPig.Tokenization/Scanner/ISeekableTokenScanner.cs

@@ -1,11 +1,18 @@
 namespace UglyToad.PdfPig.Tokenization.Scanner
 {
+    using UglyToad.PdfPig.Core;
+
     /// <inheritdoc />
     /// <summary>
     /// A <see cref="T:UglyToad.PdfPig.Tokenization.Scanner.ITokenScanner" /> that supports seeking in the underlying input data.
     /// </summary>
     public interface ISeekableTokenScanner : ITokenScanner
     {
+        /// <summary>
+        /// Gets the guard object used to track and limit stack depth during recursive operations.
+        /// </summary>
+        StackDepthGuard StackDepthGuard { get; }
+
         /// <summary>
         /// Move to the specified position.
         /// </summary>

src/UglyToad.PdfPig/Parser/Parts/DirectObjectFinder.cs

@@ -102,14 +102,22 @@ public static bool TryGet<T>(IToken? token, IPdfTokenScanner scanner, [NotNullWh
         /// </summary>
         public static T Get<T>(IToken token, IPdfTokenScanner scanner) where T : class, IToken
         {
-            if (token is T result)
+            scanner.StackDepthGuard.Enter();
+            try
             {
-                return result;
-            }
+                if (token is T result)
+                {
+                    return result;
+                }
 
-            if (token is IndirectReferenceToken reference)
+                if (token is IndirectReferenceToken reference)
+                {
+                    return Get<T>(reference.Data, scanner);
+                }
+            }
+            finally
             {
-                return Get<T>(reference.Data, scanner);
+                scanner.StackDepthGuard.Exit();
             }
 
             throw new PdfDocumentFormatException($"Could not find the object {token} with type {typeof(T).Name} instead, it was found with type {token.GetType().Name}.");

src/UglyToad.PdfPig/Tokenization/Scanner/PdfTokenScanner.cs

@@ -51,7 +51,8 @@ internal class PdfTokenScanner : IPdfTokenScanner
 
         public long Length => coreTokenScanner.Length;
 
-        private readonly StackDepthGuard stackDepthGuard;
+        /// <inheritdoc/>
+        public StackDepthGuard StackDepthGuard { get; }
 
         public PdfTokenScanner(
             IInputBytes inputBytes,
@@ -68,7 +69,7 @@ public PdfTokenScanner(
             this.encryptionHandler = encryptionHandler;
             this.fileHeaderOffset = fileHeaderOffset;
             this.parsingOptions = parsingOptions;
-            this.stackDepthGuard = stackDepthGuard;
+            this.StackDepthGuard = stackDepthGuard;
             coreTokenScanner = new CoreTokenScanner(inputBytes,  true, stackDepthGuard, useLenientParsing: parsingOptions.UseLenientParsing);
         }
 
@@ -888,7 +889,7 @@ private IReadOnlyList<ObjectToken> ParseObjectStream(StreamToken stream, XrefLoc
             var scanner = new CoreTokenScanner(
                 bytes,
                 true,
-                stackDepthGuard,
+                StackDepthGuard,
                 useLenientParsing: parsingOptions.UseLenientParsing,
                 isStream: true);