poppler/Parser.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
New commits: commit 1c403665cc7726091465f93955ff6c3af4064a49 Author: Adam Reichold <[email protected]> Date: Sat Sep 22 13:22:43 2018 +0200 Fix overflow by noting that pos + length instead of just length must stay within bounds when trying to recover. oss-fuzz/8670 diff --git a/poppler/Parser.cc b/poppler/Parser.cc index 1d5240c9..b26fff75 100644 --- a/poppler/Parser.cc +++ b/poppler/Parser.cc @@ -265,7 +265,7 @@ Stream *Parser::makeStream(Object &&dict, Guchar *fileKey, // When building the xref we can't use it so use this // kludge for broken PDF files: just add 5k to the length, and // hope its enough - if (length < LLONG_MAX - 5000) + if (length < LLONG_MAX - pos - 5000) length += 5000; } } _______________________________________________ poppler mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/poppler
