From 5417b8c364fb5f71176f1a22554ac98b20a58815 Mon Sep 17 00:00:00 2001
From: Vincent Le Garrec <legarrec.vincent@gmail.com>
Date: Sat, 2 Feb 2019 05:00:49 +0100
Subject: Integer-overflow in FoFiBase::checkRegion

oss-fuzz/8612
---
 fofi/FoFiBase.cc | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'fofi')

diff --git a/fofi/FoFiBase.cc b/fofi/FoFiBase.cc
index 2bb116a1..03759bce 100644
--- a/fofi/FoFiBase.cc
+++ b/fofi/FoFiBase.cc
@@ -17,6 +17,7 @@
 // Copyright (C) 2011 Jim Meyering <jim@meyering.net>
 // Copyright (C) 2016, 2018 Albert Astals Cid <aacid@kde.org>
 // Copyright (C) 2019 Christian Persch <chpe@src.gnome.org>
+// Copyright (C) 2019 LE GARREC Vincent <legarrec.vincent@gmail.com>
 //
 // To see a description of the changes please see the Changelog file that
 // came with your tarball or type make ChangeLog if you are building from git
@@ -195,6 +196,7 @@ unsigned int FoFiBase::getUVarBE(int pos, int size, bool *ok) const {
 
 bool FoFiBase::checkRegion(int pos, int size) const {
   return pos >= 0 &&
+         size >= 0 &&
          pos < INT_MAX - size &&
          size < INT_MAX - pos &&
          pos + size >= pos &&
-- 
cgit v1.2.3