Commit 8657c6f00489b5c26fc0c00f2fc91c5682acbe95
1 parent
8ea2f844
Prevent seeking before beginning of BufferInputSource
Showing
1 changed file
with
14 additions
and
0 deletions
libqpdf/QPDF.cc
| @@ -231,6 +231,10 @@ QPDF::BufferInputSource::~BufferInputSource() | @@ -231,6 +231,10 @@ QPDF::BufferInputSource::~BufferInputSource() | ||
| 231 | qpdf_offset_t | 231 | qpdf_offset_t |
| 232 | QPDF::BufferInputSource::findAndSkipNextEOL() | 232 | QPDF::BufferInputSource::findAndSkipNextEOL() |
| 233 | { | 233 | { |
| 234 | + if (this->cur_offset < 0) | ||
| 235 | + { | ||
| 236 | + throw std::logic_error("INTERNAL ERROR: BufferInputSource offset < 0"); | ||
| 237 | + } | ||
| 234 | qpdf_offset_t end_pos = (qpdf_offset_t) this->buf->getSize(); | 238 | qpdf_offset_t end_pos = (qpdf_offset_t) this->buf->getSize(); |
| 235 | if (this->cur_offset >= end_pos) | 239 | if (this->cur_offset >= end_pos) |
| 236 | { | 240 | { |
| @@ -301,6 +305,12 @@ QPDF::BufferInputSource::seek(qpdf_offset_t offset, int whence) | @@ -301,6 +305,12 @@ QPDF::BufferInputSource::seek(qpdf_offset_t offset, int whence) | ||
| 301 | "INTERNAL ERROR: invalid argument to BufferInputSource::seek"); | 305 | "INTERNAL ERROR: invalid argument to BufferInputSource::seek"); |
| 302 | break; | 306 | break; |
| 303 | } | 307 | } |
| 308 | + | ||
| 309 | + if (this->cur_offset < 0) | ||
| 310 | + { | ||
| 311 | + throw std::runtime_error( | ||
| 312 | + this->description + ": seek before beginning of buffer"); | ||
| 313 | + } | ||
| 304 | } | 314 | } |
| 305 | 315 | ||
| 306 | void | 316 | void |
| @@ -312,6 +322,10 @@ QPDF::BufferInputSource::rewind() | @@ -312,6 +322,10 @@ QPDF::BufferInputSource::rewind() | ||
| 312 | size_t | 322 | size_t |
| 313 | QPDF::BufferInputSource::read(char* buffer, size_t length) | 323 | QPDF::BufferInputSource::read(char* buffer, size_t length) |
| 314 | { | 324 | { |
| 325 | + if (this->cur_offset < 0) | ||
| 326 | + { | ||
| 327 | + throw std::logic_error("INTERNAL ERROR: BufferInputSource offset < 0"); | ||
| 328 | + } | ||
| 315 | qpdf_offset_t end_pos = (qpdf_offset_t) this->buf->getSize(); | 329 | qpdf_offset_t end_pos = (qpdf_offset_t) this->buf->getSize(); |
| 316 | if (this->cur_offset >= end_pos) | 330 | if (this->cur_offset >= end_pos) |
| 317 | { | 331 | { |