Scroll at the top of the page when changing page

[evince.git] / pdf / xpdf / Catalog.cc

diff --git a/pdf/xpdf/Catalog.cc b/pdf/xpdf/Catalog.cc
index ad0821bc5c872c67972d253af4f9124e8d111e7d..8762cd4cb4d1a908436382fbadfc4d26b5805620 100644 (file)
--- a/pdf/xpdf/Catalog.cc
+++ b/pdf/xpdf/Catalog.cc
@@ -56,13 +56,23 @@ Catalog::Catalog(XRef *xrefA) {
     goto err2;
   }
   pagesDict.dictLookup("Count", &obj);
-  if (!obj.isInt()) {
+  // some PDF files actually use real numbers here ("/Count 9.0")
+  if (!obj.isNum()) {
     error(-1, "Page count in top-level pages object is wrong type (%s)",
          obj.getTypeName());
     goto err3;
   }
-  pagesSize = numPages0 = obj.getInt();
+  pagesSize = numPages0 = (int)obj.getNum();
   obj.free();
+  // The gcc doesnt optimize this away, so this check is ok,
+  // even if it looks like a pagesSize != pagesSize check
+  if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize ||
+      pagesSize*sizeof(Ref)/sizeof(Ref) != pagesSize) {
+    error(-1, "Invalid 'pagesSize'");
+    ok = gFalse;
+    return;
+  }
+
   pages = (Page **)gmalloc(pagesSize * sizeof(Page *));
   pageRefs = (Ref *)gmalloc(pagesSize * sizeof(Ref));
   for (i = 0; i < pagesSize; ++i) {
@@ -190,6 +200,11 @@ int Catalog::readPageTree(Dict *pagesDict, PageAttrs *attrs, int start) {
       }
       if (start >= pagesSize) {
        pagesSize += 32;
+        if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize ||
+            pagesSize*sizeof(Ref)/sizeof(Ref) != pagesSize) {
+          error(-1, "Invalid 'pagesSize' parameter.");
+          goto err3;
+        }
        pages = (Page **)grealloc(pages, pagesSize * sizeof(Page *));
        pageRefs = (Ref *)grealloc(pageRefs, pagesSize * sizeof(Ref));
        for (j = pagesSize - 32; j < pagesSize; ++j) {
@@ -307,8 +322,8 @@ Object *Catalog::findDestInTree(Object *tree, GString *name, Object *obj) {
        } else if (cmp < 0) {
          done = gTrue;
        }
-       name1.free();
       }
+      name1.free();
     }
     names.free();
     if (!found)