File r1846-Fix-CVE-2017-6847-NULL-pointer-dereference.patch of Package podofo.34526
------------------------------------------------------------------------
r1846 | aja_ | 2017-05-08 15:54:34 +0200 (lun, 08 may 2017) | 2 lines
Fix CVE-2017-6847: NULL pointer dereference when reading XObject without BBox
Index: src/doc/PdfXObject.cpp
===================================================================
--- src/doc/PdfXObject.cpp	(revision 1845)
+++ src/doc/PdfXObject.cpp	(revision 1846)
@@ -261,8 +261,10 @@
     
     m_pResources = pObject->GetIndirectKey( "Resources" );
     m_Identifier = PdfName( out.str().c_str() );
-    m_rRect      = PdfRect( this->GetObject()->GetIndirectKey( "BBox" )->GetArray() );
     m_Reference  = this->GetObject()->Reference();
+
+    if( this->GetObject()->GetIndirectKey( "BBox" ) )
+        m_rRect = PdfRect( this->GetObject()->GetIndirectKey( "BBox" )->GetArray() );
 }
 
 void PdfXObject::InitXObject( const PdfRect & rRect, const char* pszPrefix )
------------------------------------------------------------------------