Podofo · Podofo · CVE-2026-44348
**Name of the Vulnerable Software and Affected Versions**
PoDoFo versions 1.0.0 through 1.0.3
**Description**
A double-free issue exists in the `compute_hash_to_sign()` function within the `src/podofo/private/OpenSSLInternal_Ripped.cpp` file. If the `EVP_DigestFinal` function fails after the `buf` variable has been freed, the Error label triggers a second free of `buf`, leading to heap corruption (a condition where the memory allocator's internal structures are damaged).
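The control flow described above, reduced to an added example beside a hardened form; this is not PoDoFo's code and not the 1.0.4 patch. All names (`demo_alloc`, `demo_free`, `digest_final_stub`, `hash_vulnerable`, `hash_hardened`, `repeated_frees`) are hypothetical, the allocator is a constructed one-slot tracker so the repeated free is counted rather than executed against the real heap, and clearing the pointer after release is one common remedy assumed here, not confirmed as the upstream fix.

```c
#include <stdio.h>

/* Constructed one-slot allocator: counts a repeated free instead of corrupting the heap. */
static unsigned char slot[64];
static int slot_live, double_frees;
static unsigned char *demo_alloc(void) { slot_live = 1; return slot; }
static void demo_free(unsigned char *p) {
    if (p == NULL) return;                       /* like free(NULL): no-op */
    if (!slot_live) { double_frees++; return; }  /* already released */
    slot_live = 0;
}

/* Hypothetical stand-in for EVP_DigestFinal: 1 on success, 0 on failure. */
static int digest_final_stub(int force_fail) { return !force_fail; }

/* Advisory's pattern: early free, then a failing call jumps to a label that frees again. */
static int hash_vulnerable(int force_fail) {
    unsigned char *buf = demo_alloc();
    demo_free(buf);                              /* buf is now dangling */
    if (!digest_final_stub(force_fail)) goto Error;
    return 1;
Error:
    demo_free(buf);                              /* second free of buf */
    return 0;
}

/* Hardened form (assumed remedy): clear the pointer where it is released. */
static int hash_hardened(int force_fail) {
    unsigned char *buf = demo_alloc();
    demo_free(buf);
    buf = NULL;                                  /* cleanup becomes a no-op */
    if (!digest_final_stub(force_fail)) goto Error;
    return 1;
Error:
    demo_free(buf);
    return 0;
}

/* Run one variant with the digest step forced to fail; count repeated frees. */
static int repeated_frees(int (*fn)(int)) {
    double_frees = 0;
    fn(1);
    return double_frees;
}

int main(void) {
    printf("vulnerable=%d hardened=%d\n",
           repeated_frees(hash_vulnerable), repeated_frees(hash_hardened));
    return 0;
}
```

The same shape is what to look for in review: any `goto` cleanup label that frees a pointer already released earlier on the path without being reset.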
**Recommendations**
Update to version 1.0.4.