From fb362089d952950212ccf159f86a46923f223172 Mon Sep 17 00:00:00 2001
From: dsinclair <dsinclair@chromium.org>
Date: Tue, 9 Aug 2016 06:50:28 -0700
Subject: Fixup various overflow conditions

There were several overflows detected by the PDF from the linked bug. This
Cl fixes up the base causes of each of them.

BUG=chromium:635473

Review-Url: https://codereview.chromium.org/2226023002
---
 core/fxcrt/include/fx_coordinates.h | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'core/fxcrt')

diff --git a/core/fxcrt/include/fx_coordinates.h b/core/fxcrt/include/fx_coordinates.h
index eff2a7258a..ce97f6f6f3 100644
--- a/core/fxcrt/include/fx_coordinates.h
+++ b/core/fxcrt/include/fx_coordinates.h
@@ -150,6 +150,14 @@ struct FX_RECT {
   int Height() const { return bottom - top; }
   bool IsEmpty() const { return right <= left || bottom <= top; }
 
+  bool Valid() const {
+    pdfium::base::CheckedNumeric<int> w = right;
+    pdfium::base::CheckedNumeric<int> h = bottom;
+    w -= left;
+    h -= top;
+    return w.IsValid() && h.IsValid();
+  }
+
   void Normalize();
 
   void Intersect(const FX_RECT& src);
-- 
cgit v1.2.3