3 files changed, 64 insertions(+), 1 deletions(-)

M gnu/local.mk
A gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch
M gnu/packages/pdf.scm

@@ 915,6 915,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/polkit-drop-test.patch			\
   %D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch	\
   %D%/packages/patches/poppler-CVE-2017-9776.patch		\
+  %D%/packages/patches/poppler-fix-crash-with-broken-documents.patch	\
   %D%/packages/patches/portaudio-audacity-compat.patch		\
   %D%/packages/patches/portmidi-modular-build.patch		\
   %D%/packages/patches/procmail-ambiguous-getline-debian.patch  \

@@ 0,0 1,61 @@
+Copied from:
+
+  https://cgit.freedesktop.org/poppler/poppler/patch/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a
+
+From 5c9b08a875b07853be6c44e43ff5f7f059df666a Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Sat, 27 May 2017 00:09:17 +0200
+Subject: pdfunite: Fix crash with broken documents
+
+Sometimes we can't parse pages so check before accessing them
+
+Thanks to Jiaqi Peng for the report
+
+Fixes bugs #101153 and #101149
+
+diff --git a/utils/pdfunite.cc b/utils/pdfunite.cc
+index dfe48bf..c32e201 100644
+--- a/utils/pdfunite.cc
++++ b/utils/pdfunite.cc
+@@ -7,7 +7,7 @@
+ // Copyright (C) 2011-2015, 2017 Thomas Freitag <Thomas.Freitag@alfa.de>
+ // Copyright (C) 2012 Arseny Solokha <asolokha@gmx.com>
+ // Copyright (C) 2012 Fabio D'Urso <fabiodurso@hotmail.it>
+-// Copyright (C) 2012, 2014 Albert Astals Cid <aacid@kde.org>
++// Copyright (C) 2012, 2014, 2017 Albert Astals Cid <aacid@kde.org>
+ // Copyright (C) 2013 Adrian Johnson <ajohnson@redneon.com>
+ // Copyright (C) 2013 Hib Eris <hib@hiberis.nl>
+ // Copyright (C) 2015 Arthur Stavisky <vovodroid@gmail.com>
+@@ -268,15 +268,15 @@ int main (int argc, char *argv[])
+     catDict->lookup("OutputIntents", &intents);
+     catDict->lookupNF("AcroForm", &afObj);
+     Ref *refPage = docs[0]->getCatalog()->getPageRef(1);
+-    if (!afObj.isNull()) {
++    if (!afObj.isNull() && refPage) {
+       docs[0]->markAcroForm(&afObj, yRef, countRef, 0, refPage->num, refPage->num);
+     }
+     catDict->lookupNF("OCProperties", &ocObj);
+-    if (!ocObj.isNull() && ocObj.isDict()) {
++    if (!ocObj.isNull() && ocObj.isDict() && refPage) {
+       docs[0]->markPageObjects(ocObj.getDict(), yRef, countRef, 0, refPage->num, refPage->num);
+     }
+     catDict->lookup("Names", &names);
+-    if (!names.isNull() && names.isDict()) {
++    if (!names.isNull() && names.isDict() && refPage) {
+       docs[0]->markPageObjects(names.getDict(), yRef, countRef, 0, refPage->num, refPage->num);
+     }
+     if (intents.isArray() && intents.arrayGetLength() > 0) {
+@@ -353,6 +353,10 @@ int main (int argc, char *argv[])
+ 
+   for (i = 0; i < (int) docs.size(); i++) {
+     for (j = 1; j <= docs[i]->getNumPages(); j++) {
++      if (!docs[i]->getCatalog()->getPage(j)) {
++        continue;
++      }
++
+       PDFRectangle *cropBox = NULL;
+       if (docs[i]->getCatalog()->getPage(j)->isCropped())
+         cropBox = docs[i]->getCatalog()->getPage(j)->getCropBox();
+-- 
+cgit v0.10.2
+

@@ 135,7 135,8 @@
   (source
     (origin
       (inherit (package-source poppler))
-      (patches (search-patches "poppler-CVE-2017-9776.patch"))))))
+      (patches (search-patches "poppler-fix-crash-with-broken-documents.patch"
+                               "poppler-CVE-2017-9776.patch"))))))
 
 (define-public poppler-qt4
   (package/inherit poppler