From b0454cec0bd05568c1dc3ca65ed68a9f19c1194a Mon Sep 17 00:00:00 2001
From: Mark Rogers <mark.rogers@powermapper.com>
Date: Sun, 15 Apr 2018 20:57:49 +0100
Subject: [PATCH] PoFoFo: fix CVE-2018-5296 by reducing limit in s_nMaxObjects

---
 Electrum/Mapper/Libs/podofo/src/base/PdfParser.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Electrum/Mapper/Libs/podofo/src/base/PdfParser.cpp b/Electrum/Mapper/Libs/podofo/src/base/PdfParser.cpp
index c6aeb47e5..1c7655a94 100644
--- a/Electrum/Mapper/Libs/podofo/src/base/PdfParser.cpp
+++ b/Electrum/Mapper/Libs/podofo/src/base/PdfParser.cpp
@@ -72,7 +72,9 @@ using std::flush;
 
 namespace PoDoFo {
 
-long PdfParser::s_nMaxObjects = std::numeric_limits<long>::max();
+// this value is from Table C.1 in Appendix C.2 Architectural Limits in PDF 32000-1:2008
+const PoDoFo::pdf_int64 maxNumberOfIndirectObjects = 8388607;
+long PdfParser::s_nMaxObjects = maxNumberOfIndirectObjects;
 
 PdfParser::PdfParser( PdfVecObjects* pVecObjects )
     : PdfTokenizer(), m_vecObjects( pVecObjects ), m_bStrictParsing( false )
-- 
2.15.1