diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfEncrypt.cpp podofo-0.9.7-new/src/podofo/base/PdfEncrypt.cpp
--- podofo-0.9.7/src/podofo/base/PdfEncrypt.cpp 2019-01-15 14:04:40.000000000 +0100
+++ podofo-0.9.7-new/src/podofo/base/PdfEncrypt.cpp 2021-01-09 20:24:45.328924249 +0100
@@ -615,6 +615,12 @@ PdfEncrypt* PdfEncrypt::CreatePdfEncrypt
 && PdfEncrypt::IsEncryptionEnabled( ePdfEncryptAlgorithm_RC4V2 ) )
 {
 // [Alexey] - lLength is pdf_int64. Please make changes in encryption algorithms
+ // [mabri] - Fix CVE-2018-12983: Check key length lLength here
+ // to prevent stack-based buffer over-read in line 867 of this file
+ if (lLength > MD5_DIGEST_LENGTH * 8) // lLength in bits, md5 in bytes
+ {
+ PODOFO_RAISE_ERROR_INFO( ePdfError_ValueOutOfRange, "Given key length too large for MD5." );
+ }
 pdfEncrypt = new PdfEncryptRC4(oValue, uValue, pValue, rValue, ePdfEncryptAlgorithm_RC4V2, static_cast(lLength), encryptMetadata);
 }
 else
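Review bot: The added guard on `lLength` checks only the upper bound, so a negative value still passes it and reaches the narrowing cast in the `PdfEncryptRC4` constructor call on the next line. The existing comment says `lLength` is a `pdf_int64`, and it presumably comes from the document's encryption dictionary, so it should be bounded on both sides: `if (lLength < 0 || lLength > MD5_DIGEST_LENGTH * 8)`. If the way a missing length is represented allows it, also rejecting values that are not a multiple of 8 would keep any later bits-to-bytes conversion exact. The new comment points at "line 867 of this file", which goes stale as soon as the file changes; naming the function that reads the key would last longer. `CreatePdfEncrypt` starts and ends outside this hunk, so whether an earlier check already bounds `lLength` is not visible here.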