patches/poppler-06-flaws.diff
author rohinis
Tue, 29 Nov 2011 17:32:55 +0000
branchs11express-2010-11
changeset 22234 c23e64da3e06
parent 20261 3416453c1b0a
permissions -rw-r--r--
2011-11-29 Rohini S <[email protected]> * patches/Python26-22-audio.diff: Fixes CVE-2010-1634 * specs/SUNWPython26.spec: Fixes CR 7085446

diff --git a/poppler/Dict.h b/poppler/Dict.h
index bb747d5..a76bc89 100644
--- a/poppler/Dict.h
+++ b/poppler/Dict.h
@@ -16,6 +16,7 @@
 // Copyright (C) 2005 Kristian Høgsberg <[email protected]>
 // Copyright (C) 2006 Krzysztof Kowalczyk <[email protected]>
 // Copyright (C) 2007-2008 Julien Rebetez <[email protected]>
+// Copyright (C) 2010 Albert Astals Cid <[email protected]>
 //
 // To see a description of the changes please see the Changelog file that
 // came with your tarball or type make ChangeLog if you are building from git
@@ -83,6 +84,8 @@ public:
   // trailer dictionary, which is read before the xref table is
   // parsed.
   void setXRef(XRef *xrefA) { xref = xrefA; }
+  
+  XRef *getXRef() { return xref; }
 
 private:
 
diff --git a/poppler/Form.cc b/poppler/Form.cc
index 21ca672..ae9c509 100644
--- a/poppler/Form.cc
+++ b/poppler/Form.cc
@@ -22,6 +22,7 @@
 #pragma implementation
 #endif
 
+#include <set>
 #include <stddef.h>
 #include <string.h>
 #include "goo/gmem.h"
@@ -1181,7 +1182,7 @@ Form::~Form() {
 }
 
 // Look up an inheritable field dictionary entry.
-Object *Form::fieldLookup(Dict *field, char *key, Object *obj) {
+static Object *fieldLookup(Dict *field, char *key, Object *obj, std::set<int> *usedParents) {
   Dict *dict;
   Object parent;
 
@@ -1190,8 +1191,23 @@ Object *Form::fieldLookup(Dict *field, char *key, Object *obj) {
     return obj;
   }
   obj->free();
-  if (dict->lookup("Parent", &parent)->isDict()) {
-    fieldLookup(parent.getDict(), key, obj);
+  dict->lookupNF("Parent", &parent);
+  if (parent.isRef()) {
+    const Ref ref = parent.getRef();
+    if (usedParents->find(ref.num) == usedParents->end()) {
+      usedParents->insert(ref.num);
+
+      Object obj2;
+      parent.fetch(dict->getXRef(), &obj2);
+      if (obj2.isDict()) {
+        fieldLookup(obj2.getDict(), key, obj, usedParents);
+      } else {
+        obj->initNull();
+      }
+      obj2.free();
+    }
+  } else if (parent.isDict()) {
+    fieldLookup(parent.getDict(), key, obj, usedParents);
   } else {
     obj->initNull();
   }
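Review bot: When the Parent reference has already been visited (the `usedParents->find` test fails), `obj` is returned without being reinitialised — it was released by `obj->free()` a few lines earlier and every other terminal branch calls `obj->initNull()`, so a cyclic Parent chain hands the caller an object in whatever state `free()` leaves it instead of a null. Adding an else branch to the `find` check, `} else {` / `obj->initNull();` / `}`, makes the cycle case behave like the not-a-dict case. The helper's signature and its `return obj` lie in the neighbouring hunks.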
@@ -1199,6 +1215,11 @@ Object *Form::fieldLookup(Dict *field, char *key, Object *obj) {
   return obj;
 }
 
+Object *Form::fieldLookup(Dict *field, char *key, Object *obj) {
+  std::set<int> usedParents;
+  return ::fieldLookup(field, key, obj, &usedParents);
+}
+
 FormField *Form::createFieldFromDict (Object* obj, XRef *xrefA, const Ref& pref)
 {
     Object obj2;
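Review bot: The public `Form::fieldLookup` wrapper is added without a comment, while the existing `// Look up an inheritable field dictionary entry.` line now describes only the static helper; a one-line comment on the wrapper such as `// Look up an inheritable field entry, following /Parent links while guarding against cycles.` would tell readers why the wrapper exists. Giving the static helper a distinct name (for example `fieldLookupRec`) would also remove the `::` qualification on the call, which reads like a typo. The body of `Form::createFieldFromDict` lies outside the hunk.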

diff --git a/poppler/Gfx.cc b/poppler/Gfx.cc
index 7b85d79..76dae02 100644
--- a/poppler/Gfx.cc
+++ b/poppler/Gfx.cc
@@ -4235,8 +4235,14 @@ void Gfx::doForm(Object *str) {
   }
   for (i = 0; i < 4; ++i) {
     bboxObj.arrayGet(i, &obj1);
-    bbox[i] = obj1.getNum();
-    obj1.free();
+    if (obj1.isNum()) {
+      bbox[i] = obj1.getNum();
+      obj1.free();
+    } else {
+      obj1.free();
+      error(getPos(), "Bad form bounding box value");
+      return;
+    }
   }
   bboxObj.free();
 
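Review bot: The new `return` taken on a non-numeric bounding-box entry leaves `bboxObj` unfreed — the loop's only other exit reaches `bboxObj.free()` after the loop, and if the preceding not-an-array check frees it before its own `return`, as I would expect, this branch should too. Inserting `bboxObj.free();` before `error(getPos(), "Bad form bounding box value");` closes the leak; the same pattern appears in the `Gfx::drawAnnot` hunk below. `Gfx::doForm` starts and ends outside the hunk.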
@@ -4666,8 +4672,14 @@ void Gfx::drawAnnot(Object *str, AnnotBorder *border, AnnotColor *aColor,
     }
     for (i = 0; i < 4; ++i) {
       bboxObj.arrayGet(i, &obj1);
-      bbox[i] = obj1.getNum();
-      obj1.free();
+      if (obj1.isNum()) {
+        bbox[i] = obj1.getNum();
+        obj1.free();
+      } else {
+        obj1.free();
+        error(getPos(), "Bad form bounding box value");
+        return;
+      }
     }
     bboxObj.free();
 
diff --git a/poppler/Form.cc b/poppler/Form.cc
index 4df8a7d..21ca672 100644
--- a/poppler/Form.cc
+++ b/poppler/Form.cc
@@ -715,13 +715,14 @@ FormField::FormField(XRef* xrefA, Object *aobj, const Ref& aref, FormFieldType t
     // Load children
     for(int i=0; i<length; i++) { 
       Object obj2,obj3;
-      Object childRef;
       array->get(i, &obj2);
-      array->getNF(i, &childRef);
       if (!obj2.isDict ()) {
 	      error (-1, "Reference to an invalid or non existant object");
+	      obj2.free();
 	      continue;
       }
+      Object childRef;
+      array->getNF(i, &childRef);
       //field child
       if (dict->lookup ("FT", &obj3)->isName()) {
         // If I'm not a generic container field and my children

diff --git a/poppler/Function.cc b/poppler/Function.cc
index b28ee3d..ea35b7b 100644
--- a/poppler/Function.cc
+++ b/poppler/Function.cc
@@ -422,7 +422,11 @@ void SampledFunction::transform(double *in, double *out) {
       for (k = 0, t = j; k < m; ++k, t >>= 1) {
 	idx += idxMul[k] * (e[k][t & 1]);
       }
-      sBuf[j] = samples[idx];
+      if (idx >= 0 && idx < nSamples) {
+        sBuf[j] = samples[idx];
+      } else {
+        sBuf[j] = 0;
+      }
     }
 
     // do m sets of interpolations
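Review bot: The out-of-range branch silently stores 0 into `sBuf[j]`, so a malformed sampled function yields a plausible-looking value with no diagnostic; a short comment stating the intent, `// idx outside samples[] (malformed function): substitute 0 rather than read out of bounds`, keeps a later reader from treating that 0 as a real sample. If `nSamples` is the element count of `samples` (its definition is not visible here) the bound is right; confirm it is not a byte count. `SampledFunction::transform` begins and ends outside the hunk.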

diff --git a/poppler/Gfx.cc b/poppler/Gfx.cc
index 919086e..7b85d79 100644
--- a/poppler/Gfx.cc
+++ b/poppler/Gfx.cc
@@ -1533,6 +1533,8 @@ void Gfx::opSetFillColorN(Object args[], int numArgs) {
       for (i = 0; i < numArgs - 1 && i < gfxColorMaxComps; ++i) {
 	if (args[i].isNum()) {
 	  color.c[i] = dblToCol(args[i].getNum());
+	} else {
+	  color.c[i] = 0; // TODO Investigate if this is what Adobe does
 	}
       }
       state->setFillColor(&color);
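Review bot: A non-numeric colour operand is replaced by 0 with no diagnostic, here and in the three following `opSetFillColorN`/`opSetStrokeColorN` hunks, so a broken content stream renders with zeroed components and nothing in the log; an `error(getPos(), "Non-numeric color component");` before the assignment would match how the bounding-box hunks in this patch report bad input. The identical `// TODO Investigate if this is what Adobe does` now lives in four places — recording the open question once, in a comment above `opSetFillColorN`, keeps it from drifting. In the second and fourth of these hunks the added lines are indented with spaces while the surrounding lines use tabs. Both functions start and end outside their hunks.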
@@ -1552,6 +1554,8 @@ void Gfx::opSetFillColorN(Object args[], int numArgs) {
     for (i = 0; i < numArgs && i < gfxColorMaxComps; ++i) {
       if (args[i].isNum()) {
 	color.c[i] = dblToCol(args[i].getNum());
+      } else {
+        color.c[i] = 0; // TODO Investigate if this is what Adobe does
       }
     }
     state->setFillColor(&color);
@@ -1576,6 +1580,8 @@ void Gfx::opSetStrokeColorN(Object args[], int numArgs) {
       for (i = 0; i < numArgs - 1 && i < gfxColorMaxComps; ++i) {
 	if (args[i].isNum()) {
 	  color.c[i] = dblToCol(args[i].getNum());
+	} else {
+	  color.c[i] = 0; // TODO Investigate if this is what Adobe does
 	}
       }
       state->setStrokeColor(&color);
@@ -1595,6 +1601,8 @@ void Gfx::opSetStrokeColorN(Object args[], int numArgs) {
     for (i = 0; i < numArgs && i < gfxColorMaxComps; ++i) {
       if (args[i].isNum()) {
 	color.c[i] = dblToCol(args[i].getNum());
+      } else {
+        color.c[i] = 0; // TODO Investigate if this is what Adobe does
       }
     }
     state->setStrokeColor(&color);

diff --git a/poppler/Function.cc b/poppler/Function.cc
index b7c23fe..b28ee3d 100644
--- a/poppler/Function.cc
+++ b/poppler/Function.cc
@@ -1108,6 +1108,7 @@ PostScriptFunction::PostScriptFunction(Object *funcObj, Dict *dict) {
   code = NULL;
   codeString = NULL;
   codeSize = 0;
+  stack = NULL;
   ok = gFalse;
   cache = new PopplerCache(5);
 
diff --git a/poppler/Gfx.cc b/poppler/Gfx.cc
index fc004b8..919086e 100644
--- a/poppler/Gfx.cc
+++ b/poppler/Gfx.cc
@@ -536,6 +536,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, int pageNum, Dict *resDict, Catalog *cata
   drawText = gFalse;
   maskHaveCSPattern = gFalse;
   mcStack = NULL;
+  parser = NULL;
 
   // start the resource stack
   res = new GfxResources(xref, resDict, NULL);
@@ -590,6 +591,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, Dict *resDict, Catalog *catalogA,
   drawText = gFalse;
   maskHaveCSPattern = gFalse;
   mcStack = NULL;
+  parser = NULL;
 
   // start the resource stack
   res = new GfxResources(xref, resDict, NULL);

diff --git a/poppler/Gfx.cc b/poppler/Gfx.cc
index 50870cc..fc004b8 100644
--- a/poppler/Gfx.cc
+++ b/poppler/Gfx.cc
@@ -4449,8 +4449,13 @@ Stream *Gfx::buildImageStream() {
   obj.free();
 
   // make stream
-  str = new EmbedStream(parser->getStream(), &dict, gFalse, 0);
-  str = str->addFilters(&dict);
+  if (parser->getStream()) {
+    str = new EmbedStream(parser->getStream(), &dict, gFalse, 0);
+    str = str->addFilters(&dict);
+  } else {
+    str = NULL;
+    dict.free();
+  }
 
   return str;
 }
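Review bot: The new check dereferences `parser` to test its stream, yet the constructor hunks in this same patch initialise `parser` to NULL, which suggests it can be NULL when `buildImageStream` is reached; if so the guard should read `if (parser && parser->getStream()) {`, with the stream fetched once into a local rather than called twice. The function can now return NULL, so every caller must test the result before using the stream; the caller is not in this diff, so confirm it does. `buildImageStream` begins outside the hunk.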

diff --git a/poppler/Decrypt.cc b/poppler/Decrypt.cc
index ca294d3..128dbb9 100644
--- a/poppler/Decrypt.cc
+++ b/poppler/Decrypt.cc
@@ -229,6 +229,8 @@ DecryptStream::DecryptStream(Stream *strA, Guchar *fileKey,
   if ((objKeyLength = keyLength + 5) > 16) {
     objKeyLength = 16;
   }
+
+  charactersRead = 0;
 }
 
 DecryptStream::~DecryptStream() {

diff --git a/fofi/FoFiType1.cc b/fofi/FoFiType1.cc
index 25bdc0e..3fe7f4f 100644
--- a/fofi/FoFiType1.cc
+++ b/fofi/FoFiType1.cc
@@ -13,7 +13,7 @@
 // All changes made under the Poppler project to this file are licensed
 // under GPL version 2 or later
 //
-// Copyright (C) 2005, 2008 Albert Astals Cid <[email protected]>
+// Copyright (C) 2005, 2008, 2010 Albert Astals Cid <[email protected]>
 // Copyright (C) 2005 Kristian Høgsberg <[email protected]>
 // Copyright (C) 2010 Jakub Wilk <[email protected]>
 //
@@ -243,7 +244,7 @@ void FoFiType1::parse() {
 		code = code * 8 + (*p2 - '0');
 	      }
 	    }
-	    if (code < 256) {
+	    if (code < 256 && code >= 0) {
 	      for (p = p2; *p == ' ' || *p == '\t'; ++p) ;
 	      if (*p == '/') {
 		++p;
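Review bot: `code >= 0` only catches a negative value after the octal accumulation `code = code * 8 + (*p2 - '0');` has already overflowed, and if `code` is a signed int, as the new test implies, that overflow is undefined behaviour rather than a reliable wrap to negative. Bounding the accumulator removes the overflow: after that line add `if (code > 255) code = 256;`, which keeps `code` small on long digit runs and still fails the `code < 256` test. `FoFiType1::parse` begins and ends outside the hunk.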