diff options
| author | Thomas Freitag <Thomas.Freitag@alfa.de> | 2012-09-09 23:21:38 +0200 |
|---|---|---|
| committer | Albert Astals Cid <aacid@kde.org> | 2012-09-09 23:21:38 +0200 |
| commit | d0df8e54512f584ca2b3edbae1c19e167948e5c3 (patch) | |
| tree | cb344e7011ade264eaa51d541c7a800f5d8f0193 | |
| parent | 86b89864396a1dcf027e5793e6ac75411977bcf9 (diff) | |
Fix invalid memory access in 1106.pdf.asan.30.120.patch
| -rw-r--r-- | poppler/Function.cc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/poppler/Function.cc b/poppler/Function.cc index 25e8f747..2c3aa8a1 100644 --- a/poppler/Function.cc +++ b/poppler/Function.cc @@ -17,6 +17,7 @@ // Copyright (C) 2006 Jeff Muizelaar <jeff@infidigm.net> // Copyright (C) 2010 Christian Feuersänger <cfeuersaenger@googlemail.com> // Copyright (C) 2011 Andrea Canciani <ranma42@gmail.com> +// Copyright (C) 2012 Thomas Freitag <Thomas.Freitag@alfa.de> // // To see a description of the changes please see the Changelog file that // came with your tarball or type make ChangeLog if you are building from git @@ -1010,6 +1011,10 @@ public: return; } --sp; + if (sp + i + 1 >= psStackSize) { + error(errSyntaxError, -1, "Stack underflow in PostScript function"); + return; + } stack[sp] = stack[sp + 1 + i]; } void pop() |