[poppler] poppler/Parser.cc
Albert Astals Cid
aacid at kemper.freedesktop.org
Tue May 22 17:43:19 UTC 2018
poppler/Parser.cc | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
New commits:
commit 12adb97e5a0e28434dfdf94edf52bb3a92aa3910
Author: Albert Astals Cid <aacid at kde.org>
Date: Tue May 22 19:42:38 2018 +0200
Parser::makeStream: Fix potential integer overflow
diff --git a/poppler/Parser.cc b/poppler/Parser.cc
index 869e94ad..8ebe7b89 100644
--- a/poppler/Parser.cc
+++ b/poppler/Parser.cc
@@ -13,7 +13,7 @@
// All changes made under the Poppler project to this file are licensed
// under GPL version 2 or later
//
-// Copyright (C) 2006, 2009, 201, 2010, 2013, 2014, 2017 Albert Astals Cid <aacid at kde.org>
+// Copyright (C) 2006, 2009, 201, 2010, 2013, 2014, 2017, 2018 Albert Astals Cid <aacid at kde.org>
// Copyright (C) 2006 Krzysztof Kowalczyk <kkowalczyk at gmail.com>
// Copyright (C) 2009 Ilya Gorenbein <igorenbein at finjan.com>
// Copyright (C) 2012 Hib Eris <hib at hiberis.nl>
@@ -235,6 +235,9 @@ Stream *Parser::makeStream(Object &&dict, Guchar *fileKey,
pos = pos - 1;
lexer->lookCharLastValueCached = Lexer::LOOK_VALUE_NOT_CACHED;
}
+ if (unlikely((pos > LONG_LONG_MAX - length)) {
+ return nullptr;
+ }
lexer->setPos(pos + length);
// refill token buffers and check for 'endstream'
More information about the poppler
mailing list