From 48cbb0fe106cdee008b41883dff830c7530c663e Mon Sep 17 00:00:00 2001
From: Robin Watts <robin.watts@artifex.com>
Date: Mon, 20 Jul 2015 15:53:18 +0100
Subject: Bug 696100: Fix NULL deref.

Check flow is not NULL before dereferencing it. Everything else
in this area of the code copes with it being NULL.
---
 source/html/html-layout.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source/html/html-layout.c b/source/html/html-layout.c
index 3d34be59..bfb1b09e 100644
--- a/source/html/html-layout.c
+++ b/source/html/html-layout.c
@@ -922,7 +922,7 @@ static fz_html_flow *find_list_mark_anchor(fz_context *ctx, fz_html *box)
 		if (box->type == BOX_FLOW)
 		{
 			fz_html_flow *flow = box->flow_head;
-			if (flow->type == FLOW_BREAK)
+			if (flow && flow->type == FLOW_BREAK)
 				flow = flow->next;
 			while (flow && flow->type == FLOW_GLUE)
 				flow = flow->next;
-- 
cgit v1.2.3