Fix the potential integer overflow from 'offset+size' in extension.h and fpdfview.cpp

BUG=397258
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/419063002

2 files changed, 5 insertions, 0 deletions

diff --git a/core/include/fxcrt/fx_stream.h b/core/include/fxcrt/fx_stream.h
index ef730bb967..8e298f7727 100644
--- a/core/include/fxcrt/fx_stream.h
+++ b/core/include/fxcrt/fx_stream.h
@@ -30,6 +30,7 @@ FX_DEFINEHANDLE(FX_HFILE)
 #endif
 #define FX_FILESIZE			off_t
 #endif
+typedef base::CheckedNumeric<FX_FILESIZE>    FX_SAFE_FILESIZE;
 #define FX_GETBYTEOFFSET32(a)	0
 #define FX_GETBYTEOFFSET40(a)	0
 #define FX_GETBYTEOFFSET48(a)	0
diff --git a/core/include/fxcrt/fx_system.h b/core/include/fxcrt/fx_system.h
index 7488e9d2dc..391380304c 100644
--- a/core/include/fxcrt/fx_system.h
+++ b/core/include/fxcrt/fx_system.h
@@ -276,6 +276,10 @@ int			FXSYS_round(FX_FLOAT f);
 #ifdef __cplusplus
 };
 
+#include "../../../third_party/numerics/safe_math.h"
+typedef base::CheckedNumeric<FX_DWORD> 		FX_SAFE_DWORD;
+typedef base::CheckedNumeric<FX_INT32> 		FX_SAFE_INT;
+typedef base::CheckedNumeric<size_t>            FX_SAFE_SIZET;
 #if defined(__clang__) || _MSC_VER >= 1700
 #define FX_FINAL final
 #elif defined(__GNUC__) && __cplusplus >= 201103 && \