File qpdf-CVE-2022-34503.patch of Package qpdf.34425
Index: qpdf-7.1.1/libqpdf/QPDF.cc
===================================================================
--- qpdf-7.1.1.orig/libqpdf/QPDF.cc
+++ qpdf-7.1.1/libqpdf/QPDF.cc
@@ -944,6 +944,13 @@ QPDF::processXRefStream(qpdf_offset_t xr
"Cross-reference stream's /W contains"
" impossibly large values");
}
+ if (W[i] < 0)
+ {
+ throw QPDFExc(qpdf_e_damaged_pdf, this->m->file->getName(),
+ "xref stream", xref_offset,
+ "Cross-reference stream's /W contains"
+ " negative values");
+ }
entry_size += W[i];
}
if (entry_size == 0)
