Overview

File 0015-Fix-CVE-2017-7380-NULL-dereference-in-PdfPage-GetFromResources.patch of Package podofo

Subject: Fix CVE-2017-7380: NULL dereference in PdfPage::GetFromResources()
Url: https://sourceforge.net/p/podofo/code/1848/

--- a/podofo/trunk/src/doc/PdfPage.cpp
+++ b/podofo/trunk/src/doc/PdfPage.cpp
@@ -642,7 +642,7 @@
         // OC 15.08.2010 BugFix: Ghostscript creates here sometimes an indirect reference to a directory
      // PdfObject* pType = m_pResources->GetDictionary().GetKey( rType );
         PdfObject* pType = m_pResources->GetIndirectKey( rType );
-        if( pType->IsDictionary() && pType->GetDictionary().HasKey( rKey ) )
+        if( pType && pType->IsDictionary() && pType->GetDictionary().HasKey( rKey ) )
         {
             const PdfReference & ref = pType->GetDictionary().GetKey( rKey )->GetReference();
             return this->GetObject()->GetOwner()->GetObject( ref );
openSUSE Build Service is sponsored by
Places