poppler/TextOutputDev.cc |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

New commits:
commit c114a90063d755639d2b0dbf816690a66b54bee0
Author: Albert Astals Cid <[email protected]>
Date:   Sun Feb 8 00:24:11 2015 +0100

    Fix crash in fuzzed file from Bug #84988

diff --git a/poppler/TextOutputDev.cc b/poppler/TextOutputDev.cc
index c9db1e7..150d444 100644
--- a/poppler/TextOutputDev.cc
+++ b/poppler/TextOutputDev.cc
@@ -20,7 +20,7 @@
 // Copyright (C) 2006 Jeff Muizelaar <[email protected]>
 // Copyright (C) 2007, 2008, 2012 Adrian Johnson <[email protected]>
 // Copyright (C) 2008 Koji Otani <[email protected]>
-// Copyright (C) 2008, 2010-2012, 2014 Albert Astals Cid <[email protected]>
+// Copyright (C) 2008, 2010-2012, 2014, 2015 Albert Astals Cid <[email protected]>
 // Copyright (C) 2008 Pino Toscano <[email protected]>
 // Copyright (C) 2008, 2010 Hib Eris <[email protected]>
 // Copyright (C) 2009 Ross Moore <[email protected]>
@@ -622,6 +622,10 @@ void TextPool::addWord(TextWord *word) {
   TextWord *w0, *w1;
 
   // expand the array if needed
+  if (unlikely((word->base / textPoolStep) > INT_MAX)) {
+      error(errSyntaxWarning, -1, "word->base / textPoolStep > INT_MAX");
+      return;
+  }
   wordBaseIdx = (int)(word->base / textPoolStep);
   if (minBaseIdx > maxBaseIdx) {
     minBaseIdx = wordBaseIdx - 128;
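Review bot: The new guard in TextPool::addWord checks only the upper bound, so a quotient below INT_MIN, or a NaN if `word->base` is a floating-point value (the `(int)` cast suggests it is), still reaches the conversion on the following line, where an out-of-range conversion is undefined behaviour. The `wordBaseIdx - 128` two lines further down can also overflow for an index that is in range but close to the limit. A range check written so that NaN fails it would cover all three cases, e.g. `const double idx = word->base / textPoolStep;` followed by `if (unlikely(!(idx > INT_MIN + 128.0 && idx < INT_MAX - 128.0))) {`. The early `return` also drops `word` without storing it. If the pool normally takes ownership, the rejected word may leak unless the caller can tell it was not added; this cannot be confirmed here because the function body continues past the end of the hunk.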