Overview

File poppler-CVE-2018-18897.patch of Package poppler.30682

diff --git a/poppler/GfxState.cc b/poppler/GfxState.cc
index 87b7ce03d446ae9db35910d91d06ba8610573217..4e3ccbfdaf27a8eabee4b72c3dc1eb0c6f5afc5f 100644
Index: poppler-0.43.0/poppler/GfxState.cc
===================================================================
--- poppler-0.43.0.orig/poppler/GfxState.cc
+++ poppler-0.43.0/poppler/GfxState.cc
@@ -252,6 +252,10 @@ static unsigned int getCMSNChannels(cmsC
 static cmsHPROFILE loadColorProfile(const char *fileName);
 
 void GfxColorSpace::setDisplayProfile(void *displayProfileA) {
+  if (displayProfile != nullptr) {
+    error(errInternal, -1, "The display color profile can only be set once before any rendering is done.");
+    return;
+  }
   displayProfile = displayProfileA;
   if (displayProfile != NULL) {
     cmsHTRANSFORM transform;
@@ -275,6 +279,11 @@ void GfxColorSpace::setDisplayProfile(vo
 }
 
 void GfxColorSpace::setDisplayProfileName(GooString *name) {
+  if (displayProfile != nullptr) {
+    error(errInternal, -1, "The display color profile can only be set before any rendering is done.");
+    return;
+  }
+  delete displayProfileName;
   displayProfileName = name->copy();
 }
openSUSE Build Service is sponsored by
Places