[Downloads] BaseFile shouldn't read past the expected EOF for a stub file.

content/browser/download/base_file.cc

Index: content/browser/download/base_file.cc
diff --git a/content/browser/download/base_file.cc b/content/browser/download/base_file.cc
index ad34a7f3f406827b94fd8cdb54a74a5e261e32ac..e34970f786875d077c112a20aaf70f03cff69dd8 100644
--- a/content/browser/download/base_file.cc
+++ b/content/browser/download/base_file.cc
@@ -219,18 +219,24 @@ DownloadInterruptReason BaseFile::CalculatePartialHash(
 
   const size_t kMinBufferSize = secure_hash_->GetHashLength();
   const size_t kMaxBufferSize = 1024 * 512;
+  static_assert(kMaxBufferSize <= std::numeric_limits<int>::max(),
+                "kMaxBufferSize must fit on an int");
 
   // The size of the buffer is:
   // - at least kMinBufferSize so that we can use it to hold the hash as well.
   // - at most kMaxBufferSize so that there's a reasonable bound.
   // - not larger than |bytes_so_far_| unless bytes_so_far_ is less than the
   //   hash size.
-  std::vector<char> buffer(std::max(
-      kMinBufferSize, std::min<size_t>(kMaxBufferSize, bytes_so_far_)));
+  std::vector<char> buffer(std::max<int64_t>(
+      kMinBufferSize, std::min<int64_t>(kMaxBufferSize, bytes_so_far_)));
 
   int64_t current_position = 0;
   while (current_position < bytes_so_far_) {
-    int length = file_.ReadAtCurrentPos(&buffer.front(), buffer.size());
+    // While std::min needs to work with int64_t, the result is always at most
+    // kMaxBufferSize, which fits on an int.
+    int bytes_to_read =
+        std::min<int64_t>(buffer.size(), bytes_so_far_ - current_position);
+    int length = file_.ReadAtCurrentPos(&buffer.front(), bytes_to_read);
     if (length == -1) {
       return LogInterruptReason("Reading partial file",
                                 logging::GetLastSystemErrorCode(),