

The pitfalls of protocol design [pdf] - DyslexicAtheist
http://www.ieee-security.org/TC/SPW2014/papers/5103a198.PDF

======
DyslexicAtheist
>> Also, difficulties showing termination of parsing some features of the PDF
format readily translated into denial of service attacks against existing PDF
parsers—we came up with a single PDF file that made all the existing PDF
implementations we could test enter an endless loop.

would be nice to have the test pdf released under an open source license to
use for security validation in current parser implementation

