Xpdf Security Bug: CVE-2024-7868

DCTStream::getBlock() was missing a proper check for the case where DCTStream::prepare() failed due to invalid headers. In the proof-of-concept PDF file, this led to a segfault attempting to read from an invalid address.

This will be fixed in Xpdf 4.06.

Found by: KMFL