Fix CVE-2017-15587. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15587 https://nandynarwhals.org/CVE-2017-15587/ This patch is these two upstream commits squashed together: diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c index 66bd0ed8..89499e61 100644 --- a/source/pdf/pdf-xref.c +++ b/source/pdf/pdf-xref.c @@ -924,7 +924,7 @@ pdf_read_new_xref_section(fz_context *ctx, pdf_document *doc, fz_stream *stm, fz pdf_xref_entry *table; int i, n; - if (i0 < 0 || i1 < 0) + if (i0 < 0 || i1 < 0 || i0 > INT_MAX - i1) fz_throw(ctx, FZ_ERROR_GENERIC, "negative xref stream entry index"); //if (i0 + i1 > pdf_xref_len(ctx, doc)) // fz_throw(ctx, FZ_ERROR_GENERIC, "xref stream has too many entries"); -- 2.15.0