Bug 698704: Fix for overflow check failing due to 'clever' compiler.

Adopt Josephs suggested fix for arithmetic overflow. Thanks to Kan-Ru Chen for spotting the problem.
author: Robin Watts <robin.watts@artifex.com> 2017-11-07 17:53:40 +0000
committer: Robin Watts <robin.watts@artifex.com> 2017-11-08 09:36:23 +0000
commit: d18bc728e46c5a5708f14d27c2b6c44e1d0c3232 (patch)
tree: abdcb02045caf591b9855315085142aae27acc07 /source/pdf
parent: e664cdb39b3b1d55fd143239ec5d58f28bec3008 (diff)
download: mupdf-d18bc728e46c5a5708f14d27c2b6c44e1d0c3232.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c
index ba2d575f..00586dbd 100644
--- a/source/pdf/pdf-xref.c
+++ b/source/pdf/pdf-xref.c
@@ -933,7 +933,7 @@ pdf_read_new_xref_section(fz_context *ctx, pdf_document *doc, fz_stream *stm, in
 	pdf_xref_entry *table;
 	int i, n;
 
-	if (i0 < 0 || i1 < 0 || (i0+i1) < 0)
+	if (i0 < 0 || i1 < 0 || i0 > INT_MAX - i1)
 		fz_throw(ctx, FZ_ERROR_GENERIC, "negative xref stream entry index");
 	//if (i0 + i1 > pdf_xref_len(ctx, doc))
 	//	fz_throw(ctx, FZ_ERROR_GENERIC, "xref stream has too many entries");
author	Robin Watts <robin.watts@artifex.com>	2017-11-07 17:53:40 +0000
committer	Robin Watts <robin.watts@artifex.com>	2017-11-08 09:36:23 +0000
commit	d18bc728e46c5a5708f14d27c2b6c44e1d0c3232 (patch)
tree	abdcb02045caf591b9855315085142aae27acc07 /source/pdf
parent	e664cdb39b3b1d55fd143239ec5d58f28bec3008 (diff)
download	mupdf-d18bc728e46c5a5708f14d27c2b6c44e1d0c3232.tar.xz