Overview

File poppler-CVE-2018-13988.patch of Package poppler.30207

Index: poppler-0.43.0/poppler/Parser.cc
===================================================================
--- poppler-0.43.0.orig/poppler/Parser.cc
+++ poppler-0.43.0/poppler/Parser.cc
@@ -145,7 +145,12 @@ Object *Parser::getObj(Object *obj, GBoo
     num = buf1.getInt();
     shift();
     if (buf1.isInt() && buf2.isCmd("R")) {
-      obj->initRef(num, buf1.getInt());
+      const int gen = buf1.getInt();
+      if (unlikely(num <= 0 || gen < 0)) {
+          error(errSyntaxError, getPos(), "Non-positive reference or negative integer");
+          goto err;
+      }
+      obj->initRef(num, gen);
       shift();
       shift();
     } else {
openSUSE Build Service is sponsored by
Places