poppler/Annot.cc | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-)
New commits: commit 0e8ed9a34e04cc4e56b31f4057c267630c4a7656 Author: Albert Astals Cid <[email protected]> Date: Mon Sep 23 10:01:18 2019 +0200 Annot: Fix uninitialized memory read on broken files By initializing width and charCount earlier in Annot::layoutText, there's two early return that need the values to be initialized and we were initializing them later in the function anyway so just move the block to the beginning of the function
diff --git a/poppler/Annot.cc b/poppler/Annot.cc
index e896468b..b51eeae4 100644
--- a/poppler/Annot.cc
+++ b/poppler/Annot.cc
@@ -3864,6 +3864,12 @@ void Annot::layoutText(const GooString *text, GooString *outBuf, int *i,
 double w = 0.0;
 int uLen, n;
 double dx, dy, ox, oy;
+
+ if (width != nullptr)
+ *width = 0.0;
+ if (charCount != nullptr)
+ *charCount = 0;
+
 if (!text) {
 return;
 }
@@ -4023,11 +4029,6 @@ void Annot::layoutText(const GooString *text, GooString *outBuf, int *i,
 const char *s = outBuf->c_str();
 int len = outBuf->getLength();
 
- if (width != nullptr)
- *width = 0.0;
- if (charCount != nullptr)
- *charCount = 0;
-
 while (len > 0) {
 dx = 0.0;
 n = font->getNextChar(s, len, &c, &uAux, &uLen, &dx, &dy, &ox, &oy);
_______________________________________________ poppler mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/poppler
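Review bot: The zeroing of `*width` and `*charCount` added ahead of `if (!text)` has no comment saying why it must come before every early return, so a later tidy-up could move it back beside the measuring loop and bring back the uninitialized read on malformed files. I would add above the block: `// Set the out-params before any early return: callers may read *width and *charCount even when layout bails out on a broken file.` Only the `!text` return is visible in this hunk, and layoutText continues outside it. The second early return named in the commit message is therefore best confirmed clean by running the broken sample under MemorySanitizer or Valgrind. The second hunk only removes the old copy of the same lines.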
