diff -up qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc.CVE-2018-9918 qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc
--- qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc.CVE-2018-9918 2018-02-05 00:31:42.000000000 +0100
+++ qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc 2018-04-16 15:35:36.378343714 +0200
@@ -1054,12 +1054,26 @@ QPDFObjectHandle::parseInternal(PointerH
 case QPDFTokenizer::tt_array_open:
 case QPDFTokenizer::tt_dict_open:
- olist_stack.push_back(std::vector());
- state = st_start;
- offset_stack.push_back(input->tell());
- state_stack.push_back(
- (token.getType() == QPDFTokenizer::tt_array_open) ?
- st_array : st_dictionary);
+ if (olist_stack.size() > 500)
+ {
+ QTC::TC("qpdf", "QPDFObjectHandle too deep");
+ warn(context,
+ QPDFExc(qpdf_e_damaged_pdf, input->getName(),
+ object_description,
+ input->getLastOffset(),
+ "ignoring excessively deeply nested data structure"));
+ object = newNull();
+ state = st_top;
+ }
+ else
+ {
+ olist_stack.push_back(std::vector());
+ state = st_start;
+ offset_stack.push_back(input->tell());
+ state_stack.push_back(
+ (token.getType() == QPDFTokenizer::tt_array_open) ?
+ st_array : st_dictionary);
+ }
 break;
 case QPDFTokenizer::tt_bool:
diff -up qpdf-7.1.1/qpdf/qpdf.testcov.CVE-2018-9918 qpdf-7.1.1/qpdf/qpdf.testcov
--- qpdf-7.1.1/qpdf/qpdf.testcov.CVE-2018-9918 2018-02-05 00:31:42.000000000 +0100
+++ qpdf-7.1.1/qpdf/qpdf.testcov 2018-04-16 15:35:36.379343705 +0200
@@ -302,3 +302,4 @@ qpdf-c called qpdf_set_compress_streams
 qpdf-c called qpdf_set_preserve_unreferenced_objects 0
 qpdf-c called qpdf_set_newline_before_endstream 0
 QPDF_Stream TIFF predictor 0
+QPDFObjectHandle too deep 0
diff -up qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out.CVE-2018-9918 qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out
--- qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out.CVE-2018-9918 2018-02-05 00:31:42.000000000 +0100
+++ qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out 2018-04-16 15:53:17.499476948 +0200
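Review bot: The nesting limit in the `tt_array_open`/`tt_dict_open` case is a bare `500` with nothing saying what it protects; as this is the bound that keeps a crafted file from driving unbounded container nesting, I would name it and comment it, e.g. `static size_t const max_nesting = 500; // cap array/dict depth when parsing untrusted input`, and test `olist_stack.size() > max_nesting`. In the over-limit branch `state = st_top` is set while `olist_stack`, `state_stack` and `offset_stack` still hold every level opened so far. The rest of `parseInternal`, including the code that acts on `st_top`, lies outside the hunk, so please confirm it drops those partial containers and that callers do not continue reading from the middle of the abandoned structure. A short comment on the branch saying that the whole object is deliberately discarded as null would help the next reader.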
@@ -1,5 +1,5 @@
 WARNING: issue-146.pdf: file is damaged
 WARNING: issue-146.pdf: can't find startxref
 WARNING: issue-146.pdf: Attempting to reconstruct cross-reference table
-WARNING: issue-146.pdf (trailer, file position 20728): unknown token while reading object; treating as string
-issue-146.pdf (trailer, file position 20732): EOF while reading token
+WARNING: issue-146.pdf (trailer, file position 695): ignoring excessively deeply nested data structure
+issue-146.pdf: unable to find trailer dictionary while recovering damaged file