Commit ac94437ae9d295efe991f148b7609c5f67580203
Committed by
GitHub
GitHub
Merge pull request #1430 from m-holger/fuzz
Refactor QPDFFormFieldObjectHelper ValueSetter::writeAppearance
Showing
4 changed files
with
9 additions
and
9 deletions
fuzz/CMakeLists.txt
fuzz/qpdf_extra/409905355.fuzz
0 → 100644
No preview for this file type
fuzz/qtest/fuzz.test
| ... | ... | @@ -11,7 +11,7 @@ my $td = new TestDriver('fuzz'); |
| 11 | 11 | |
| 12 | 12 | my $qpdf_corpus = $ENV{'QPDF_FUZZ_CORPUS'} || die "must set QPDF_FUZZ_CORPUS"; |
| 13 | 13 | |
| 14 | -my $n_qpdf_files = 93; # increment when adding new files | |
| 14 | +my $n_qpdf_files = 94; # increment when adding new files | |
| 15 | 15 | |
| 16 | 16 | my @fuzzers = ( |
| 17 | 17 | ['ascii85' => 1], | ... | ... |
libqpdf/QPDFFormFieldObjectHelper.cc
| ... | ... | @@ -585,17 +585,16 @@ ValueSetter::writeAppearance() |
| 585 | 585 | int wanted_first = QIntC::to_int(found_idx) - 1; |
| 586 | 586 | int wanted_last = QIntC::to_int(found_idx + max_rows) - 2; |
| 587 | 587 | QTC::TC("qpdf", "QPDFFormFieldObjectHelper list found"); |
| 588 | - while (wanted_first < 0) { | |
| 588 | + if (wanted_first < 0) { | |
| 589 | 589 | QTC::TC("qpdf", "QPDFFormFieldObjectHelper list first too low"); |
| 590 | - ++wanted_first; | |
| 591 | - ++wanted_last; | |
| 590 | + wanted_last -= wanted_first; | |
| 591 | + wanted_first = 0; | |
| 592 | 592 | } |
| 593 | - while (wanted_last >= QIntC::to_int(nopt)) { | |
| 593 | + if (wanted_last >= QIntC::to_int(nopt)) { | |
| 594 | 594 | QTC::TC("qpdf", "QPDFFormFieldObjectHelper list last too high"); |
| 595 | - if (wanted_first > 0) { | |
| 596 | - --wanted_first; | |
| 597 | - } | |
| 598 | - --wanted_last; | |
| 595 | + auto diff = wanted_last - QIntC::to_int(nopt) + 1; | |
| 596 | + wanted_first = std::max(0, wanted_first - diff); | |
| 597 | + wanted_last -= diff; | |
| 599 | 598 | } |
| 600 | 599 | highlight = true; |
| 601 | 600 | highlight_idx = found_idx - QIntC::to_size(wanted_first); | ... | ... |