Description: CVE-2017-8787 Acked-By: Mattia Rizzolo Origin: https://sourceforge.net/p/podofo/code/185 Bug-Debian: https://bugs.debian.org/861738 Last-Update: 2017-11-12
--- a/src/base/PdfXRefStreamParserObject.cpp
+++ b/src/base/PdfXRefStreamParserObject.cpp
@@ -124,6 +124,11 @@
 pdf_long lBufferLen;
 const size_t entryLen = static_cast(nW[0] + nW[1] + nW[2]);
+ if( nW[0] + nW[1] + nW[2] < 0 )
+ {
+ PODOFO_RAISE_ERROR_INFO( ePdfError_NoXRef, "Invalid entry length in XRef stream" );
+ }
+ this->GetStream()->GetFilteredCopy( &pBuffer, &lBufferLen );
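Review bot: The added guard tests only the sum `nW[0] + nW[1] + nW[2]`, so a negative width in one field that is outweighed by the other two still passes and can reach whatever per-field reads follow. The widths appear to be signed values taken from the XRef stream dictionary, so the addition can also overflow before the comparison runs. Validating each element first, e.g. `if( nW[0] < 0 || nW[1] < 0 || nW[2] < 0 )`, and bounding each width to the largest field size the parser supports would make the later sum safe. A zero `entryLen` is probably worth rejecting too if the code below steps through the buffer by it. The function body continues outside the hunk, so whether `entryLen` is later checked against `lBufferLen` cannot be confirmed from here.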