From f0343565edd3679210c598d3361ad9530829e73c Mon Sep 17 00:00:00 2001
From: m-holger <m-holger@kubitscheck.org>
Date: Wed, 17 Jan 2024 14:07:37 +0000
Subject: Tighten checks for invalid indirect references  during xref
 reconstruction

---
 libqpdf/QPDF.cc | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'libqpdf')

diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc
index 8cff3dfd..01158ce2 100644
--- a/libqpdf/QPDF.cc
+++ b/libqpdf/QPDF.cc
@@ -1195,6 +1195,10 @@ QPDF::insertFreeXrefEntry(QPDFObjGen og)
 void
 QPDF::insertReconstructedXrefEntry(int obj, qpdf_offset_t f1, int f2)
 {
+    if (!(obj > 0 && 0 <= f2 && f2 < 65535)) {
+        QTC::TC("qpdf", "QPDF xref overwrite invalid objgen");
+        return;
+    }
     QPDFObjGen og(obj, f2);
     if (!m->deleted_objects.count(obj)) {
         // deleted_objects stores the uncompressed objects removed from the xref table at the start
-- 
cgit v1.2.3-54-g00ecf