poppler/XRef.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit a7154bcc6aba5429dc6cc024bd90dae2f1d2d0c1
Author: Albert Astals Cid <[email protected]>
Date: Fri May 25 16:21:45 2018 +0200
XRef::readXRefTable: Rewrite overflow check
In a way that it doesn't depend on undefined behaviour
fixes oss-fuzz/8528
diff --git a/poppler/XRef.cc b/poppler/XRef.cc
index 95d19021..6afb51a0 100644
--- a/poppler/XRef.cc
+++ b/poppler/XRef.cc
@@ -574,7 +574,7 @@ GBool XRef::readXRefTable(Parser *parser, Goffset *pos,
std::vector<Goffset> *fo
goto err0;
}
n = obj.getInt();
- if (first < 0 || n < 0 || first + n < 0) {
+ if (first < 0 || n < 0 || first > INT_MAX - n) {
goto err0;
}
if (first + n > size) {
_______________________________________________
poppler mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/poppler
