Commit 0c5318ebad0ad765f306dd1ea646475db2d236c9
Committed by
GitHub
GitHub
Merge pull request #1480 from m-holger/fuzz
Apply sanity checks on dangling reference object ids encountered before
Showing
1 changed file
with
1 additions
and
1 deletions
libqpdf/QPDF_objects.cc
| @@ -1845,7 +1845,7 @@ QPDF::getObjectForParser(int id, int gen, bool parse_pdf) | @@ -1845,7 +1845,7 @@ QPDF::getObjectForParser(int id, int gen, bool parse_pdf) | ||
| 1845 | if (auto iter = m->obj_cache.find(og); iter != m->obj_cache.end()) { | 1845 | if (auto iter = m->obj_cache.find(og); iter != m->obj_cache.end()) { |
| 1846 | return iter->second.object; | 1846 | return iter->second.object; |
| 1847 | } | 1847 | } |
| 1848 | - if (m->xref_table.contains(og) || !m->parsed) { | 1848 | + if (m->xref_table.contains(og) || (!m->parsed && og.getObj() < m->xref_table_max_id)) { |
| 1849 | return m->obj_cache.insert({og, QPDFObject::create<QPDF_Unresolved>(this, og)}) | 1849 | return m->obj_cache.insert({og, QPDFObject::create<QPDF_Unresolved>(this, og)}) |
| 1850 | .first->second.object; | 1850 | .first->second.object; |
| 1851 | } | 1851 | } |