diff -rupN podofo-0.9.6/src/base/PdfEncoding.cpp podofo-0.9.6-new/src/base/PdfEncoding.cpp
--- podofo-0.9.6/src/base/PdfEncoding.cpp	2017-04-28 18:49:01.000000000 +0200
+++ podofo-0.9.6-new/src/base/PdfEncoding.cpp	2019-03-13 23:15:12.294138709 +0100
@@ -285,6 +285,12 @@ void PdfEncoding::ParseToUnicode()
             
             if (strcmp (streamToken, "beginbfrange") == 0)
             {
+                // need 2 entries - one to pop() and one for top()
+                if ( stkToken.size() < 2 )
+                {
+                    PODOFO_RAISE_ERROR_INFO(ePdfError_InvalidStream, "CMap missing object number before beginbfrange");
+                }
+
                 i = loop = 0;
                 in_beginbfrange = 1;
                 stkToken.pop ();
@@ -301,6 +307,12 @@ void PdfEncoding::ParseToUnicode()
             
             if (strcmp (streamToken, "beginbfchar") == 0)
             {
+                // need 2 entries - one to pop() and one for top()
+                if ( stkToken.size() < 2 )
+                {
+                    PODOFO_RAISE_ERROR_INFO(ePdfError_InvalidStream, "CMap missing object number before beginbfchar");
+                }
+
                 i = loop = 0;
                 in_beginbfchar = 1;
                 stkToken.pop ();
diff -rupN podofo-0.9.6/test/unit/EncodingTest.cpp podofo-0.9.6-new/test/unit/EncodingTest.cpp
--- podofo-0.9.6/test/unit/EncodingTest.cpp	2018-03-10 18:01:08.000000000 +0100
+++ podofo-0.9.6-new/test/unit/EncodingTest.cpp	2019-03-13 23:15:12.294138709 +0100
@@ -359,6 +359,57 @@ void EncodingTest::testToUnicodeParse()
 #endif
         CPPUNIT_ASSERT_EQUAL( expects, unicodeStr[ii] );
     }
+
+    const char* toUnicodeInvalidTests[] =
+    {
+        // missing object numbers
+        "beginbfrange\n",
+        "beginbfchar\n",
+
+        // invalid hex digits
+        "2 beginbfrange <WXYZ> endbfrange\n",
+        "2 beginbfrange <-123> endbfrange\n",
+        "2 beginbfrange <<00>> endbfrange\n",
+
+        // missing hex digits
+        "2 beginbfrange <> endbfrange\n",
+
+        // empty array
+        "2 beginbfrange [] endbfrange\n",
+
+        nullptr
+    };
+
+    for ( size_t i = 0 ; toUnicodeInvalidTests[i] != nullptr ; ++i )
+    {
+        try
+        {
+            PdfVecObjects vecInvalid;
+            PdfObject *strmInvalidObject;
+
+            vec.SetAutoDelete( true );
+
+            strmInvalidObject = vecInvalid.CreateObject( PdfVariant( PdfDictionary() ) );
+            strmInvalidObject->GetStream()->Set( toUnicodeInvalidTests[i], strlen( toUnicodeInvalidTests[i] ) );
+
+            PdfIdentityEncoding encodingTestInvalid(0x0001, 0x000F, true, strmInvalidObject);
+
+            PdfString unicodeStringTestInvalid = encoding.ConvertToUnicode( PdfString( encodedStr ), NULL );
+
+            // exception not thrown - should never get here
+            // TODO not all invalid input throws an exception (e.g. no hex digits in <WXYZ>)
+            //CPPUNIT_ASSERT( false );
+        }
+        catch ( PoDoFo::PdfError& error )
+        {
+            // parsing every invalid test string should throw an exception
+            CPPUNIT_ASSERT( true );
+        }
+        catch( std::exception& ex )
+        {
+            CPPUNIT_FAIL( "Unexpected exception type" );
+        }
+    }
 }
 
 bool EncodingTest::outofRangeHelper( PdfEncoding* pEncoding, std::string & rMsg, const char* pszName )