Null-pointer dereference in an assert in parse_xrefs
Seen in two specimens from the instigator corpus:
20221020/3a01cbdae511ae04580b2271b44918d8e815923c258c0a4e7e37cd30ed1f70a420230123/segv-0008c7866bddc4261a2872438602aeba9e1891894fb1648688da958e4df2343f
Both appear to be the same issue:
SUMMARY: AddressSanitizer: SEGV /home/sven_hallberg_sc/pdf/pdf.c:4946 in parse_xrefs#0 0x00000514fc870bdd in parse_xrefs (aux=0x7f7ffffc33d8) at pdf.c:4946
4946 assert(root->token_type == TT_Ref);
(gdb) print root
$1 = (const HParsedToken *) 0x0