File CVE-2018-20662.patch of Package poppler

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2018-20662.patch of Package poppler

Index: poppler-0.62.0/utils/pdfunite.cc
===================================================================
--- poppler-0.62.0.orig/utils/pdfunite.cc
+++ poppler-0.62.0/utils/pdfunite.cc
@@ -163,7 +163,8 @@ int main (int argc, char *argv[])
   for (i = 1; i < argc - 1; i++) {
     GooString *gfileName = new GooString(argv[i]);
     PDFDoc *doc = new PDFDoc(gfileName, NULL, NULL, NULL);
-    if (doc->isOk() && !doc->isEncrypted()) {
+    if (doc->isOk() && !doc->isEncrypted() &&
+        doc->getXRef()->getCatalog().isDict()) {
       docs.push_back(doc);
       if (doc->getPDFMajorVersion() > majorVersion) {
         majorVersion = doc->getPDFMajorVersion();
@@ -174,8 +175,13 @@ int main (int argc, char *argv[])
         }
       }
     } else if (doc->isOk()) {
-      error(errUnimplemented, -1, "Could not merge encrypted files ('{0:s}')", argv[i]);
-      return -1;
+      if (doc->isEncrypted()) {
+        error(errUnimplemented, -1, "Could not merge encrypted files ('{0:s}')", argv[i]);
+        return -1;
+      } else if (!doc->getXRef()->getCatalog().isDict()) {
+        error(errSyntaxError, -1, "XRef's Catalog is not a dictionary ('{0:s}')", argv[i]);
+        return -1;
+      }
     } else {
       error(errSyntaxError, -1, "Could not merge damaged documents ('{0:s}')", argv[i]);
       return -1;

Places

File CVE-2018-20662.patch of Package poppler

Places