Overview

File r1936-Really-fix-CVE-2017-7382.patch of Package podofo.23799

------------------------------------------------------------------------
r1936 | mabri | 2018-08-24 23:40:46 +0200 (vie, 24 ago 2018) | 1 line

Really fix CVE-2017-7382

Index: src/doc/PdfFontFactory.cpp
===================================================================
--- src/doc/PdfFontFactory.cpp	(revision 1935)
+++ src/doc/PdfFontFactory.cpp	(revision 1936)
@@ -197,7 +197,13 @@
         PODOFO_RAISE_ERROR( ePdfError_InvalidDataType );
     }
 
-    const PdfName & rSubType = pObject->GetDictionary().GetKey( PdfName::KeySubtype )->GetName();
+    PdfVariant* pSubTypeKey = pObject->GetDictionary()
+                            .GetKey( PdfName::KeySubtype );
+    if ( NULL == pSubTypeKey )
+    {
+        PODOFO_RAISE_ERROR_INFO( ePdfError_InvalidDataType, "Font: No SubType" );
+    }
+    const PdfName & rSubType = pSubTypeKey->GetName();
     if( rSubType == PdfName("Type0") ) 
     {
         // The PDF reference states that DescendantFonts must be an array,

------------------------------------------------------------------------
openSUSE Build Service is sponsored by
Places