File poppler-CVE-2018-21009.patch of Package poppler.34111

Index: poppler-0.62.0/poppler/Parser.cc
===================================================================
--- poppler-0.62.0.orig/poppler/Parser.cc
+++ poppler-0.62.0/poppler/Parser.cc
@@ -249,6 +249,12 @@ Stream *Parser::makeStream(Object &&dict
       pos = pos - 1;
       lexer->lookCharLastValueCached = Lexer::LOOK_VALUE_NOT_CACHED;
   }
+  if (unlikely(pos > LONG_LONG_MAX - length)) {
+      return NULL;
+  }
+  if (unlikely(length < 0)) {
+      return NULL;
+  }
   lexer->setPos(pos + length);
 
   // refill token buffers and check for 'endstream'

Places

File poppler-CVE-2018-21009.patch of Package poppler.34111

Places