[poppler] poppler/Parser.cc

Albert Astals Cid aacid at kemper.freedesktop.org
Tue May 22 17:49:21 UTC 2018


Rebased ref, commits from common ancestor:
commit 0868c499a9f5f37f8df5c9fef03c37496b40fc8a
Author: Albert Astals Cid <aacid at kde.org>
Date:   Tue May 22 19:42:38 2018 +0200

    Parser::makeStream: Fix potential integer overflow

diff --git a/poppler/Parser.cc b/poppler/Parser.cc
index 869e94ad..7ed297cb 100644
--- a/poppler/Parser.cc
+++ b/poppler/Parser.cc
@@ -13,7 +13,7 @@
 // All changes made under the Poppler project to this file are licensed
 // under GPL version 2 or later
 //
-// Copyright (C) 2006, 2009, 201, 2010, 2013, 2014, 2017 Albert Astals Cid <aacid at kde.org>
+// Copyright (C) 2006, 2009, 201, 2010, 2013, 2014, 2017, 2018 Albert Astals Cid <aacid at kde.org>
 // Copyright (C) 2006 Krzysztof Kowalczyk <kkowalczyk at gmail.com>
 // Copyright (C) 2009 Ilya Gorenbein <igorenbein at finjan.com>
 // Copyright (C) 2012 Hib Eris <hib at hiberis.nl>
@@ -235,6 +235,9 @@ Stream *Parser::makeStream(Object &&dict, Guchar *fileKey,
       pos = pos - 1;
       lexer->lookCharLastValueCached = Lexer::LOOK_VALUE_NOT_CACHED;
   }
+  if (unlikely(pos > LONG_LONG_MAX - length)) {
+      return nullptr;
+  }
   lexer->setPos(pos + length);
 
   // refill token buffers and check for 'endstream'
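Review bot: The new guard before `lexer->setPos(pos + length)` only protects the case where `length` is non-negative; with a negative `length`, the subtraction `LONG_LONG_MAX - length` is itself a signed overflow, and `pos + length` can seek before the intended position. `makeStream` starts and ends outside this hunk, so it is not visible whether `length` is range-checked earlier; if it is not, the condition could read `if (unlikely(length < 0 || pos > LONG_LONG_MAX - length)) {`. `LONG_LONG_MAX` is a GNU spelling, so the standard `LLONG_MAX` from `<climits>` would be more portable, assuming `pos` and `length` are `long long`-sized. A one-line comment above the check, such as `// reject lengths that would overflow the seek offset (damaged or malicious file)`, would record why the early `return nullptr` is there.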

