From 315092dd98d5230ef0efa18b294d464d0e9f79d0 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt <ejb@ql.org>
Date: Tue, 25 Jul 2017 10:21:27 -0400
Subject: Avoid xref reconstruction infinite loop (fixes #100)

This is CVE-2017-9209.
---
 include/qpdf/QPDF.hh | 1 +
 1 file changed, 1 insertion(+)

(limited to 'include')

diff --git a/include/qpdf/QPDF.hh b/include/qpdf/QPDF.hh
index 88acf6c5..f7a31edf 100644
--- a/include/qpdf/QPDF.hh
+++ b/include/qpdf/QPDF.hh
@@ -1075,6 +1075,7 @@ class QPDF
     // copied_stream_data_provider is owned by copied_streams
     CopiedStreamDataProvider* copied_stream_data_provider;
     std::set<QPDFObjGen> attachment_streams;
+    bool reconstructed_xref;
 
     // Linearization data
     qpdf_offset_t first_xref_item_offset; // actual value from file
-- 
cgit v1.2.3-54-g00ecf