Overview

File r1848-Fix-CVE-2017-7380-NULL-dereference.patch of Package podofo.23799

------------------------------------------------------------------------
r1848 | aja_ | 2017-05-08 16:21:17 +0200 (lun, 08 may 2017) | 2 lines

Fix CVE-2017-7380: NULL dereference in PdfPage::GetFromResources()


Index: src/doc/PdfPage.cpp
===================================================================
--- src/doc/PdfPage.cpp	(revision 1847)
+++ src/doc/PdfPage.cpp	(revision 1848)
@@ -642,7 +642,7 @@
         // OC 15.08.2010 BugFix: Ghostscript creates here sometimes an indirect reference to a directory
      // PdfObject* pType = m_pResources->GetDictionary().GetKey( rType );
         PdfObject* pType = m_pResources->GetIndirectKey( rType );
-        if( pType->IsDictionary() && pType->GetDictionary().HasKey( rKey ) )
+        if( pType && pType->IsDictionary() && pType->GetDictionary().HasKey( rKey ) )
         {
             const PdfReference & ref = pType->GetDictionary().GetKey( rKey )->GetReference();
             return this->GetObject()->GetOwner()->GetObject( ref );

------------------------------------------------------------------------
openSUSE Build Service is sponsored by
Places