poppler/Form.cc | 5 +++++ 1 file changed, 5 insertions(+) New commits: commit 22b794c0535a0f3331428b570d348ee51ca980b8 Author: Sune Vuorela <s...@vuorela.dk> Date: Wed Mar 22 17:02:53 2023 +0100
Minor hardening I'm not sure how, but I succeded creating a null certificate info ptr, so better guard that for being safe. If getting the start/end fails, the objStart/objEnd might not be initialized, so guard against that. The document would be quite malformed to get here in the first place. diff --git a/poppler/Form.cc b/poppler/Form.cc index 11ee776f..608f4aa6 100644 --- a/poppler/Form.cc +++ b/poppler/Form.cc @@ -623,6 +623,10 @@ bool FormWidgetSignature::signDocument(const std::string &saveFilename, const st FormFieldSignature *signatureField = static_cast<FormFieldSignature *>(field); std::unique_ptr<X509CertificateInfo> certInfo = sigHandler.getCertificateInfo(); + if (!certInfo) { + fprintf(stderr, "signDocument: error getting signature info\n"); + return false; + } const std::string signerName = certInfo->getSubjectInfo().commonName; signatureField->setCertificateInfo(certInfo); updateWidgetAppearance(); // add visible signing info to appearance @@ -644,6 +648,7 @@ bool FormWidgetSignature::signDocument(const std::string &saveFilename, const st Goffset objStart, objEnd; if (!getObjectStartEnd(fname, vref.num, &objStart, &objEnd, ownerPassword, userPassword)) { fprintf(stderr, "signDocument: unable to get signature object offsets\n"); + return false; } // Update byte range of signature in the saved PDF