diff --git a/fuzz/CMakeLists.txt b/fuzz/CMakeLists.txt
index c1ce4b7..a437cc7 100644
--- a/fuzz/CMakeLists.txt
+++ b/fuzz/CMakeLists.txt
@@ -159,6 +159,8 @@ set(CORPUS_OTHER
   409905355.fuzz
   411312393.fuzz
   433311400.fuzz
+  440599107.fuzz
+  440747125.fuzz
   4720043549327360.fuzz
   5109284021272576.fuzz
   6489005569146880.fuzz
diff --git a/fuzz/qpdf_extra/440599107.fuzz b/fuzz/qpdf_extra/440599107.fuzz
new file mode 100644
index 0000000..272e7d3
--- /dev/null
+++ b/fuzz/qpdf_extra/440599107.fuzz
diff --git a/fuzz/qpdf_extra/440747125.fuzz b/fuzz/qpdf_extra/440747125.fuzz
new file mode 100644
index 0000000..394ce25
--- /dev/null
+++ b/fuzz/qpdf_extra/440747125.fuzz
diff --git a/fuzz/qtest/fuzz.test b/fuzz/qtest/fuzz.test
index 2fee3de..d141db7 100644
--- a/fuzz/qtest/fuzz.test
+++ b/fuzz/qtest/fuzz.test
@@ -11,7 +11,7 @@ my $td = new TestDriver('fuzz');
 
 my $qpdf_corpus = $ENV{'QPDF_FUZZ_CORPUS'} || die "must set QPDF_FUZZ_CORPUS";
 
-my $n_qpdf_files = 99;       # increment when adding new files
+my $n_qpdf_files = 101;       # increment when adding new files
 
 my @fuzzers = (
     ['ascii85' => 1],
diff --git a/libqpdf/NNTree.cc b/libqpdf/NNTree.cc
index d1da166..751bd72 100644
--- a/libqpdf/NNTree.cc
+++ b/libqpdf/NNTree.cc
@@ -103,10 +103,12 @@ NNTreeIterator::getNextKid(PathElement& pe, bool backward)
     }
 }
 
+// iterator can be incremented or decremented, or dereferenced. This does not imply that it points
+// to a valid item.
 bool
 NNTreeIterator::valid() const
 {
-    return item_number >= 0 && ivalue.first && ivalue.second;
+    return item_number >= 0;
 }
 
 void