Created attachment 32642 [details] [review] patch for case where line1 is NULL --- fofi/FoFiType1.cc 2004-01-22 02:26:44.000000000 +0100 +++ fofi/FoFiType1.cc 2009-11-12 20:09:18.000000000 +0100 @@ -163,7 +163,8 @@ void FoFiType1::parse() { line = getNextLine(line); for (j = 0; j < 300 && line; ++j) { line1 = getNextLine(line); - if ((n = line1 - line) > 255) { + // line1 could be NULL + if ((n = line1 - line) > 255 || n < 0) { n = 255; } strncpy(buf, line, n);
Created attachment 32643 [details] pdf that should trigger the bug
fofi/FoFiType1.cc doesn't have that line you mention, it would be good if you sent patches that actually were appliable over current code.
I believe you are mistaken: http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc#n223 The patch applies fine for me on 0.12.2 or git master.
Interesting, the patch you attached is different from the patch you wrote into the bug description...
Anyway line1 - line can never be negative so closing the bug again.
The attached PDF opens fine for you?
Open for me: yes Render properly: no But your patch is not about fixing rendering, just about fixing a crash that can not happen, look at the code and tell me how line1 is going to be smaller than line. If you want you can open a different bug about the pdf not rendering correctly, patches to fix that more than welcome.
Sorry last comment is partially wrong. The file opens and renders correctly for me.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.