Fix CVE-2017-14685: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14685 Patch copied from upstream source repository: https://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a From ab1a420613dec93c686acbee2c165274e922f82a Mon Sep 17 00:00:00 2001 From: Tor Andersson Date: Tue, 19 Sep 2017 15:23:04 +0200 Subject: [PATCH] Fix 698539: Don't use xps font if it could not be loaded. xps_load_links_in_glyphs did not cope with font loading failures. --- source/xps/xps-link.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source/xps/xps-link.c b/source/xps/xps-link.c index c07e0d7..c26a8d9 100644 --- a/source/xps/xps-link.c +++ b/source/xps/xps-link.c @@ -91,6 +91,8 @@ xps_load_links_in_glyphs(fz_context *ctx, xps_document *doc, const fz_matrix *ct bidi_level = atoi(bidi_level_att); font = xps_lookup_font(ctx, doc, base_uri, font_uri_att, style_att); + if (!font) + return; text = xps_parse_glyphs_imp(ctx, doc, &local_ctm, font, fz_atof(font_size_att), fz_atof(origin_x_att), fz_atof(origin_y_att), is_sideways, bidi_level, indices_att, unicode_att); -- 2.9.1