Avoid pointer arithmetic in fz_seek.

The pointer arithmetic could over/underflow, causing the range test to pass even when it shouldn't (due to compiler oddities).
author: Tor Andersson <tor.andersson@artifex.com> 2011-10-31 22:40:03 +0100
committer: Tor Andersson <tor.andersson@artifex.com> 2011-11-01 23:46:57 +0100
commit: d5bdf330a2e9b5596dd7a3f40a6cbd81bd6e0538 (patch)
tree: d71ebee6070f956c34a5d25f51399f5da2dc88de /fitz/stm_read.c
parent: cf4d72646d02e0b05bdb7985aa9400f5d67253e8 (diff)
download: mupdf-d5bdf330a2e9b5596dd7a3f40a6cbd81bd6e0538.tar.xz
1 files changed, 3 insertions, 3 deletions
diff --git a/fitz/stm_read.c b/fitz/stm_read.c
index 59f06433..ff97340f 100644
--- a/fitz/stm_read.c
+++ b/fitz/stm_read.c
@@ -175,10 +175,10 @@ fz_seek(fz_stream *stm, int offset, int whence)
 		}
 		if (whence == 0)
 		{
-			unsigned char *p = stm->wp - (stm->pos - offset);
-			if (p >= stm->bp && p <= stm->wp)
+			int dist = stm->pos - offset;
+			if (dist >= 0 && dist <= stm->wp - stm->bp)
 			{
-				stm->rp = p;
+				stm->rp = stm->wp - dist;
 				stm->eof = 0;
 				return;
 			}
author	Tor Andersson <tor.andersson@artifex.com>	2011-10-31 22:40:03 +0100
committer	Tor Andersson <tor.andersson@artifex.com>	2011-11-01 23:46:57 +0100
commit	d5bdf330a2e9b5596dd7a3f40a6cbd81bd6e0538 (patch)
tree	d71ebee6070f956c34a5d25f51399f5da2dc88de /fitz/stm_read.c
parent	cf4d72646d02e0b05bdb7985aa9400f5d67253e8 (diff)
download	mupdf-d5bdf330a2e9b5596dd7a3f40a6cbd81bd6e0538.tar.xz