
Unified Diff: core/src/fxcrt/extension.h

Issue 322333002: Fix the potential integer overflow from "offset + size" (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master
Patch Set: Created 6 years, 6 months ago
Index: core/src/fxcrt/extension.h
diff --git a/core/src/fxcrt/extension.h b/core/src/fxcrt/extension.h
index 8d9597bfd15f155809cb8d35cacb0f5756665eca..eed303f669702cd23c3a9c0e4a831cf75218c24f 100644
--- a/core/src/fxcrt/extension.h
+++ b/core/src/fxcrt/extension.h
@@ -6,6 +6,9 @@
#ifndef _FXCRT_EXTENSION_IMP_
#define _FXCRT_EXTENSION_IMP_
+
+const size_t MAX_SIZE_T = size_t(-1);
+
class IFXCRT_FileAccess
{
public:
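Review bot: The new `MAX_SIZE_T` constant carries no comment saying what it is for, and its all-caps name reads like a macro although it is a `const size_t`. A namespace-scope `const` in a header has internal linkage in C++, so this is ODR-safe, but the standard already spells this value `SIZE_MAX` (`<stdint.h>`), and `std::numeric_limits<size_t>::max()` would avoid the `size_t(-1)` idiom; whether either header is already included here is not visible in the hunk. At minimum I would document the intent above the definition: `// Largest value a size_t can hold; used to reject "offset + size" before it wraps around.`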
@@ -194,7 +197,7 @@ public:
}
virtual FX_BOOL SetRange(FX_FILESIZE offset, FX_FILESIZE size)
{
- if (offset < 0 || (size_t)(offset + size) > m_nCurSize) {
+ if (offset < 0 || offset + size > m_nCurSize) {
return FALSE;
}
m_nOffset = (size_t)offset, m_nSize = (size_t)size;
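Review bot: The rewritten condition on the `offset + size > m_nCurSize` line still forms the sum in FX_FILESIZE before comparing, so for a large `offset` the addition itself can overflow the signed type (undefined behaviour) before the check runs, and `size` is never rejected when negative: a negative `size` makes the sum small enough to pass, after which `m_nSize = (size_t)size` stores a huge range. Dropping the cast also changes the conversion in the comparison; if FX_FILESIZE is wider than `size_t`, `m_nCurSize` is converted to the signed type and a negative sum compares as less-than and passes. A form that cannot overflow and rejects negative sizes is `if (offset < 0 || size < 0 || (size_t)offset > m_nCurSize ||` followed by `(size_t)size > m_nCurSize - (size_t)offset) {` with the existing `return FALSE;`. SetRange's body continues past the end of the hunk.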
@@ -214,6 +217,10 @@ public:
if (m_bUseRange) {
offset += (FX_FILESIZE)m_nOffset;
}
+
+ if(offset > MAX_SIZE_T - size)
+ return FALSE;
+
if ((size_t)offset + size > m_nCurSize) {
return FALSE;
}
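Review bot: The added guard `if(offset > MAX_SIZE_T - size)` compares a signed FX_FILESIZE `offset` with an unsigned `size_t`, and there is no `offset < 0` check visible in the hunk; the `offset += (FX_FILESIZE)m_nOffset;` line just above can also overflow the signed type before the guard sees it. Whether a negative `offset` is rejected depends on the usual arithmetic conversions: when `size_t` is at least as wide as FX_FILESIZE the negative value becomes a huge unsigned and fails the check, but when FX_FILESIZE is wider (64-bit file offsets on a 32-bit build, presumably) the right-hand side is converted to the signed type and a negative `offset` passes through to `(size_t)offset + size`. I would write it as `if (offset < 0 || (size_t)offset > MAX_SIZE_T - size) {` with `return FALSE;` and a closing brace, which also matches the `if (...) {` brace style used by the neighbouring lines. The enclosing method's signature and remainder are outside the hunk, so an earlier negativity check there would change this assessment.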
@@ -263,6 +270,9 @@ public:
offset += (FX_FILESIZE)m_nOffset;
}
if (m_dwFlags & FX_MEMSTREAM_Consecutive) {
+ if(offset > MAX_SIZE_T - size)
+ return FALSE;
+
m_nCurPos = (size_t)offset + size;
if (m_nCurPos > m_nTotalSize) {
IFX_Allocator* pAllocator = m_Blocks.m_pAllocator;
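Review bot: The inserted `if(offset > MAX_SIZE_T - size) return FALSE;` is written without the space after `if` and without braces, while every other conditional in this hunk (`if (m_dwFlags & FX_MEMSTREAM_Consecutive) {`, `if (m_nCurPos > m_nTotalSize) {`) uses the `if (...) {` form; please match it. A one-line comment would also tell the next reader why this is here, since the wrap-around it prevents is not obvious from the expression: `// Reject ranges where (size_t)offset + size would wrap past SIZE_MAX.` The same signed-vs-unsigned caveat applies to `offset` here as elsewhere: with no `offset < 0` test visible, a negative offset is only rejected if FX_FILESIZE is no wider than `size_t`. The enclosing method starts before and ends after this hunk.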
@@ -284,6 +294,10 @@ public:
}
return TRUE;
}
+
+ if(offset > MAX_SIZE_T - size)
+ return FALSE;
+
if (!ExpandBlocks((size_t)offset + size)) {
return FALSE;
}
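Review bot: The guard added before `ExpandBlocks((size_t)offset + size)` duplicates the one added inside the `FX_MEMSTREAM_Consecutive` branch of the same method a few lines earlier; both sit after `offset += (FX_FILESIZE)m_nOffset;` and before the first use of `offset + size`, so one check placed directly after that addition, ahead of the `if (m_dwFlags & FX_MEMSTREAM_Consecutive)` branch, covers both paths and keeps the wrap-around rule in a single place. That hoisted check should also reject a negative `offset`, which the present comparison only does when `size_t` is at least as wide as FX_FILESIZE: `if (offset < 0 || (size_t)offset > MAX_SIZE_T - size) {` with `return FALSE;` and a closing brace, formatted like the surrounding `if (...) {` blocks. The method continues past the end of the hunk.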
