From ad8081daf597b8f46696d5ddae82770ab419ad82 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt
Date: Tue, 27 Aug 2019 10:46:06 -0400
Subject: Fix fuzz issue 15442 (overflow checking in BufferInputSource)
---
include/qpdf/BufferInputSource.hh | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include')
diff --git a/include/qpdf/BufferInputSource.hh b/include/qpdf/BufferInputSource.hh
index 90263335..b11189eb 100644
--- a/include/qpdf/BufferInputSource.hh
+++ b/include/qpdf/BufferInputSource.hh
@@ -54,7 +54,7 @@ class BufferInputSource: public InputSource
virtual void unreadCh(char ch); private:
- qpdf_offset_t const bufSizeAsOffset() const;
+ static void range_check(qpdf_offset_t cur, qpdf_offset_t delta);
class Members {
@@ -72,6 +72,7 @@ class BufferInputSource: public InputSource
std::string description; Buffer* buf; qpdf_offset_t cur_offset;
+ qpdf_offset_t max_offset;
}; PointerHolder m;
--
cgit v1.2.3-54-g00ecf
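Review bot: The new `static void range_check(qpdf_offset_t cur, qpdf_offset_t delta);` declaration in the first hunk has no comment stating its contract, and for an overflow guard the contract is the part callers depend on. Both parameters are signed offsets, so the check has to be decided before `cur + delta` is ever evaluated (signed overflow is undefined behaviour), and the header should say how a rejected pair is reported. I would add above the declaration `// Rejects cur/delta pairs whose sum would not fit in qpdf_offset_t; call before adding.` and name the failure mode and whether negative deltas are covered, taken from the definition, which is outside this diff (limited to `include`).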
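Review bot: `max_offset` is added to `Members` in the second hunk with no comment and no visible initializer, so the header does not say which bound it holds or when it is set. Presumably it caches the buffer size as an offset in place of the removed `bufSizeAsOffset()`; if so, the unsigned-size-to-`qpdf_offset_t` conversion now happens once in the `Members` constructor, which is not part of this diff, and it should be a checked conversion there rather than a plain cast. Once confirmed against the .cc file, I would write the field as `qpdf_offset_t max_offset; // buffer size as an offset, set once at construction`. The `Members` class body starts and ends outside the hunk.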