From e27ceb2b0e64b9a56ba79d844ea96553d87dc113 Mon Sep 17 00:00:00 2001
From: Robin Watts <Robin.Watts@artifex.com>
Date: Tue, 26 Jan 2021 19:20:36 +0000
Subject: [PATCH] OSS-Fuzz 29728: Avoid buffer overflow.

Don't access past the end of the xref_index.
---
 source/pdf/pdf-xref.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c
index a160d20b1..4b58d356f 100644
--- a/source/pdf/pdf-xref.c
+++ b/source/pdf/pdf-xref.c
@@ -301,7 +301,7 @@ pdf_xref_entry *pdf_get_xref_entry(fz_context *ctx, pdf_document *doc, int i)
 	if (i < 0)
 		fz_throw(ctx, FZ_ERROR_GENERIC, "Negative object number requested");
 
-	if (i <= doc->max_xref_len)
+	if (i < doc->max_xref_len)
 		j = doc->xref_index[i];
 	else
 		j = 0;
-- 
2.34.5