From 459fa8b8400579c42564392315cc550578c9511d Mon Sep 17 00:00:00 2001
From: Tim Ledbetter <timledbetter@gmail.com>
Date: Wed, 17 Jan 2024 21:36:58 +0000
Subject: [PATCH] LibPDF: Ensure that xref subsection numbers are u32

Previously, parsing an xref entry with a floating point subsection
number would cause a crash.
---
 Userland/Libraries/LibPDF/DocumentParser.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Userland/Libraries/LibPDF/DocumentParser.cpp b/Userland/Libraries/LibPDF/DocumentParser.cpp
index a1e9944ef7..b711180358 100644
--- a/Userland/Libraries/LibPDF/DocumentParser.cpp
+++ b/Userland/Libraries/LibPDF/DocumentParser.cpp
@@ -499,9 +499,12 @@ PDFErrorOr<NonnullRefPtr<XRefTable>> DocumentParser::parse_xref_table()
         Vector<XRefEntry> entries;
 
         auto starting_index_value = TRY(parse_number());
-        auto starting_index = starting_index_value.get<int>();
         auto object_count_value = TRY(parse_number());
+        if (!(starting_index_value.has_u32() && object_count_value.has_u32()))
+            return error("Malformed xref entry");
+
         auto object_count = object_count_value.get<int>();
+        auto starting_index = starting_index_value.get<int>();
 
         for (int i = 0; i < object_count; i++) {
             auto offset_string = ByteString(m_reader.bytes().slice(m_reader.offset(), 10));