From 8249a26d69f72b9cda584c14cc3f12769985e481 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt
Date: Sat, 12 Aug 2017 07:35:04 -0400
Subject: Fix infinite loop in QPDFWriter (fixes #143)
---
 libqpdf/QPDFWriter.cc | 9 +++++++++
 1 file changed, 9 insertions(+)
(limited to 'libqpdf/QPDFWriter.cc')
diff --git a/libqpdf/QPDFWriter.cc b/libqpdf/QPDFWriter.cc
index de4fa349..345613ad 100644
--- a/libqpdf/QPDFWriter.cc
+++ b/libqpdf/QPDFWriter.cc
@@ -1054,6 +1054,9 @@ QPDFWriter::enqueueObject(QPDFObjectHandle object)
 // here. Instead, enqueue the object stream. Object
 // streams always have generation 0.
 int stream_id = this->object_to_object_stream[og];
+ // Detect loops by storing invalid object ID 0, which
+ // will get overwritten later.
+ obj_renumber[og] = 0;
 enqueueObject(this->pdf.getObjectByID(stream_id, 0));
 }
 else
@@ -1079,6 +1082,12 @@ QPDFWriter::enqueueObject(QPDFObjectHandle object)
 }
 }
 }
+ else if (obj_renumber[og] == 0)
+ {
+ // This can happen if a specially constructed file
+ // indicates that an object stream is inside itself.
+ QTC::TC("qpdf", "QPDFWriter ignore self-referential object stream");
+ }
 }
 else if (object.isArray())
 {
-- 
cgit v1.2.3-54-g00ecf
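Review bot: The sentinel stored by `obj_renumber[og] = 0;` is only described as "will get overwritten later", and nothing in this hunk shows that happening when the recursive `enqueueObject` call returns without queuing the containing stream. In the self-referential case handled further down, the entry for `og` presumably stays 0, so any later reader of `obj_renumber` that treats the value as a real object number would see the invalid ID. I would state the invariant in the comment, for example `// 0 marks "in progress"; an entry still 0 after enqueueing must never be emitted as an object reference`, and confirm that the code consuming the map tolerates it. The enclosing function starts and ends outside the hunk.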
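Review bot: The new `else if (obj_renumber[og] == 0)` branch skips the object with only a test-coverage marker, so a caller processing an untrusted PDF gets no signal that the file declared an object stream inside itself. Since the comment itself says this arises from a specially constructed file, consider reporting it through whatever warning path the writer already has (none is visible here). At minimum, extend the comment to say what the output contains for `og` afterwards, e.g. `// The object is not queued; its renumber entry is left at 0.` if that is the behaviour. The branch also assumes the first hunk is the only place that ever stores 0 in `obj_renumber`, which is worth noting next to the check. The condition of the preceding `if` lies outside the hunk.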