Make sure the fuzzer read size does not go negative.

testing/libfuzzer/xfa_codec_fuzzer.h

Index: testing/libfuzzer/xfa_codec_fuzzer.h
diff --git a/testing/libfuzzer/xfa_codec_fuzzer.h b/testing/libfuzzer/xfa_codec_fuzzer.h
index 6a84ed85725939eb030880f2652dc739dcd085f2..63991c555f690dc57940790f39f765d42380384f 100644
--- a/testing/libfuzzer/xfa_codec_fuzzer.h
+++ b/testing/libfuzzer/xfa_codec_fuzzer.h
@@ -49,8 +49,11 @@ class XFACodecFuzzer {
     void Release() override {}
 
     FX_BOOL ReadBlock(void* buffer, FX_FILESIZE offset, size_t size) override {
+      if (offset <= 0 || offset >= m_size)

[Lei Zhang, 2016/10/04 19:13:15]

No, 0 is a valid offset.

[dsinclair, 2016/10/04 19:15:29]

Bugger, mis-read your previous comment.

+        return FALSE;
       if (offset + size > m_size)
         size = m_size - offset;
+
       memcpy(buffer, m_data + offset, size);
       return TRUE;
     }