From 6fb072d5c9da12e9e558897a5294bce64b545577 Mon Sep 17 00:00:00 2001
From: Andy Green
Date: Tue, 5 Jul 2022 07:12:13 +0100
Subject: [PATCH] upng-gzip: fuzz: fix unsigned overflow
https://github.com/warmcat/libwebsockets/issues/2687
---
 lib/misc/upng-gzip.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/misc/upng-gzip.c b/lib/misc/upng-gzip.c
index a3449adb3..722fa3a06 100644
--- a/lib/misc/upng-gzip.c
+++ b/lib/misc/upng-gzip.c
@@ -586,7 +586,10 @@ _lws_upng_inflate_data(inflator_ctx_t *inf)
 return r;
 count = tu + 3;
- if ((inf->i - 1) < inf->hlit)
+ if (!inf->i) /* from google fuzzer */
+ return LWS_SRET_FATAL + 29;
+
+ if (inf->i - 1 < inf->hlit)
 val = inf->bitlen[inf->i - 1];
 else
 val = inf->bitlenD[inf->i - inf->hlit - 1];
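Review bot: The new `if (!inf->i)` guard closes only the lower bound of the index; the `else` branch still reads `inf->bitlenD[inf->i - inf->hlit - 1]`, and nothing visible in this hunk bounds `inf->i` from above before that read. It is worth confirming that the enclosing state machine checks `inf->i` against the combined table size before reaching this point, since the same fuzzed input class that produced `inf->i == 0` can presumably also drive the index high. Separately, the comment `/* from google fuzzer */` records where the report came from but not what the check prevents; something like `/* no previous entry to copy: inf->i - 1 would wrap */` keeps the reason next to the guard. `_lws_upng_inflate_data` starts and ends outside the hunk, so an existing upper-bound check may simply be out of view.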