Blob Blame Raw
From c909964bff671d5ff0d8eee5f613ded4562f8afd Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Sat, 7 Mar 2015 14:54:43 +0100
Subject: Do not assert on broken document

Bug #89422

diff --git a/poppler/SecurityHandler.cc b/poppler/SecurityHandler.cc
index d6f5599..44bd8b8 100644
--- a/poppler/SecurityHandler.cc
+++ b/poppler/SecurityHandler.cc
@@ -288,12 +288,16 @@ StandardSecurityHandler::StandardSecurityHandler(PDFDoc *docA,
 	ok = gTrue;
       } else if (encVersion == 5 && encRevision == 5) {
 	fileID = new GooString(); // unused for V=R=5
-	ownerEnc = ownerEncObj.getString()->copy();
-	userEnc = userEncObj.getString()->copy();
-	if (fileKeyLength > 32 || fileKeyLength < 0) {
-	  fileKeyLength = 32;
+	if (ownerEncObj.isString() && userEncObj.isString()) {
+	  ownerEnc = ownerEncObj.getString()->copy();
+	  userEnc = userEncObj.getString()->copy();
+	  if (fileKeyLength > 32 || fileKeyLength < 0) {
+	    fileKeyLength = 32;
+	  }
+	  ok = gTrue;
+	} else {
+	  error(errSyntaxError, -1, "Weird encryption owner/user info");
 	}
-	ok = gTrue;
       } else if (!(encVersion == -1 && encRevision == -1)) {
 	error(errUnimplemented, -1,
 	      "Unsupported version/revision ({0:d}/{1:d}) of Standard security handler",
-- 
cgit v0.10.2