fixed : crash if pdf stream length is zero after decompress

in flate_decode_filter() sometimes decompressed stream length is zero,
in such case, realloc() frees memory.
this causes memory corruption when we free the memory again.

src/pdf_doc.cpp

@@ -794,10 +794,14 @@ PdfDocument:: newFontObject(const char *font_name)
 
 static void pdf_stream_prepend(PdfObject *stream, const char *str, int len)
 {
+    if (len==0 or str==NULL)
+        return;
     char *new_stream = (char*) malloc2(len + stream->stream->len);
     memcpy(new_stream, str, len);
     if (stream->stream->len!=0) {
         memcpy(new_stream+len, stream->stream->stream, stream->stream->len);
+    }
+    if (stream->stream->stream){
         free(stream->stream->stream);
     }
     stream->stream->stream = new_stream;
@@ -807,6 +811,8 @@ static void pdf_stream_prepend(PdfObject *stream, const char *str, int len)
 // get a stream object and append a char stream to it
 static void pdf_stream_append(PdfObject *stream, const char *str, int len)
 {
+    if (len==0 or str==NULL)
+        return;
     int old_len = stream->stream->len;
     stream->stream->len += len;
     stream->stream->stream = (char*) realloc(stream->stream->stream, stream->stream->len);

src/pdf_filters.cpp

@@ -76,6 +76,10 @@ int flate_decode_filter(char **stream, size_t *len, DictObj &dict)
     if (buff){
         new_stream_content = buff;
     }
+    // new_stream_len my be zero after decompress, in that case realloc() frees memory
+    if (!new_stream_len){
+        new_stream_content = NULL;
+    }
     *stream = new_stream_content;
     *len = new_stream_len;
     return 0;

src/pdf_objects.cpp

@@ -278,7 +278,9 @@ PdfObject:: PdfObject() {
 void
 PdfObject:: setType(ObjectType obj_type)
 {
-    type = obj_type;//TODO : if prev type is not PDF_OBJ_UNKNOWN , clear()
+    if (obj_type!=PDF_OBJ_UNKNOWN)
+        this->clear();
+    type = obj_type;
     switch (type)
     {
     case PDF_OBJ_DICT: