Description: CVE-2017-5855
Acked-By: Mattia Rizzolo <mattia@debian.org>
Last-Update: 2017-05-17
Origin: https://sourceforge.net/p/podofo/code/1843
Bug-Debian: https://bugs.debian.org/854603

--- a/src/base/PdfParser.cpp
+++ b/src/base/PdfParser.cpp
@@ -782,6 +782,7 @@
             PODOFO_RAISE_ERROR_INFO( ePdfError_ValueOutOfRange,
                 "xref subsection's given entry numbers together too large" );
 
+        try {
 #ifdef _WIN32
 		m_nNumObjects = static_cast<long>(nFirstObject + nNumObjects);
 		m_offsets.resize(static_cast<long>(nFirstObject+nNumObjects));
@@ -789,7 +790,9 @@
 		m_nNumObjects = nFirstObject + nNumObjects;
 		m_offsets.resize(nFirstObject+nNumObjects);
 #endif // _WIN32
-
+        } catch (std::bad_alloc &ex) {
+            PODOFO_RAISE_ERROR( ePdfError_OutOfMemory );
+        }
     }
     else
     {