From bc9dc84d999c8b63a0d07d50a05e8e06e2f4db76 Mon Sep 17 00:00:00 2001
From: Marek Kasik <mkasik@redhat.com>
Date: Fri, 9 Jun 2023 15:25:09 +0200
Subject: [PATCH] Check isDict before calling getDict

Resolves: #2189827
---
 poppler-21.01.0-pdfunite-check-isDict.patch | 41 +++++++++++++++++++++
 poppler.spec                                |  9 ++++-
 2 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 poppler-21.01.0-pdfunite-check-isDict.patch

diff --git a/poppler-21.01.0-pdfunite-check-isDict.patch b/poppler-21.01.0-pdfunite-check-isDict.patch
new file mode 100644
index 0000000..2ffdf72
--- /dev/null
+++ b/poppler-21.01.0-pdfunite-check-isDict.patch
@@ -0,0 +1,41 @@
+From 4631115647c1e4f0482ffe0491c2f38d2231337b Mon Sep 17 00:00:00 2001
+From: crt <chluo@cse.cuhk.edu.hk>
+Date: Fri, 29 Jul 2022 20:51:11 +0000
+Subject: Check isDict before calling getDict
+
+Issue #1276
+
+diff --git a/utils/pdfunite.cc b/utils/pdfunite.cc
+index b96b0378..050927d3 100644
+--- a/utils/pdfunite.cc
++++ b/utils/pdfunite.cc
+@@ -197,6 +197,14 @@ int main(int argc, char *argv[])
+     Object ocObj;
+     if (docs.size() >= 1) {
+         Object catObj = docs[0]->getXRef()->getCatalog();
++        if(!catObj.isDict()){
++            fclose(f);
++            delete yRef;
++            delete countRef;
++            delete outStr;
++            error(errSyntaxError, -1, "XRef's Catalog is not a dictionary.");
++            return -1;
++        }
+         Dict *catDict = catObj.getDict();
+         intents = catDict->lookup("OutputIntents");
+         afObj = catDict->lookupNF("AcroForm").copy();
+@@ -295,6 +303,14 @@ int main(int argc, char *argv[])
+             }
+         }
+         Object pageCatObj = docs[i]->getXRef()->getCatalog();
++        if(!pageCatObj.isDict()){
++            fclose(f);
++            delete yRef;
++            delete countRef;
++            delete outStr;
++            error(errSyntaxError, -1, "XRef's Catalog is not a dictionary.");
++            return -1;
++        }
+         Dict *pageCatDict = pageCatObj.getDict();
+         Object pageNames = pageCatDict->lookup("Names");
+         if (!pageNames.isNull() && pageNames.isDict()) {
diff --git a/poppler.spec b/poppler.spec
index 57a651c..dbcf888 100644
--- a/poppler.spec
+++ b/poppler.spec
@@ -3,7 +3,7 @@
 Summary: PDF rendering library
 Name:    poppler
 Version: 21.01.0
-Release: 15%{?dist}
+Release: 16%{?dist}
 License: (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
 URL:     http://poppler.freedesktop.org/
 Source0: http://poppler.freedesktop.org/poppler-%{version}.tar.xz
@@ -38,6 +38,9 @@ Patch8:  poppler-21.01.0-jbig-symbol-overflow.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=2189815
 Patch9:  poppler-21.01.0-pdfunite-broken-document.patch
 
+# https://bugzilla.redhat.com/show_bug.cgi?id=2189811
+Patch10: poppler-21.01.0-pdfunite-check-isDict.patch
+
 BuildRequires: make
 BuildRequires: cmake
 BuildRequires: gcc-c++
@@ -231,6 +234,10 @@ test "$(pkg-config --modversion poppler-qt5)" = "%{version}"
 %{_mandir}/man1/*
 
 %changelog
+* Fri Jun  9 2023 Marek Kasik <mkasik@redhat.com> - 21.01.0-16
+- Check isDict before calling getDict
+- Resolves: #2189827
+
 * Fri Jun  9 2023 Marek Kasik <mkasik@redhat.com> - 21.01.0-15
 - Don't crash in broken documents
 - Resolves: #2189848