Commit a84a0b248768dcbab7fc007bb22a258cac9e4131
1 parent
ec09b914
Add range check in QPDFNumberTreeObjectHelper (fuzz issue 37740)
Showing
3 changed files
with
4 additions
and
0 deletions
ChangeLog
fuzz/qpdf_extra/37740.fuzz
0 → 100644
No preview for this file type
libqpdf/QPDFNumberTreeObjectHelper.cc
| 1 | 1 | #include <qpdf/QPDFNumberTreeObjectHelper.hh> |
| 2 | 2 | #include <qpdf/NNTree.hh> |
| 3 | +#include <qpdf/QIntC.hh> | |
| 3 | 4 | |
| 4 | 5 | class NumberTreeDetails: public NNTreeDetails |
| 5 | 6 | { |
| ... | ... | @@ -235,6 +236,7 @@ QPDFNumberTreeObjectHelper::findObjectAtOrBelow( |
| 235 | 236 | return false; |
| 236 | 237 | } |
| 237 | 238 | oh = i->second; |
| 239 | + QIntC::range_check_substract(idx, i->first); | |
| 238 | 240 | offset = idx - i->first; |
| 239 | 241 | return true; |
| 240 | 242 | } | ... | ... |