From aaf356ba9ff36fb68f493d70c1b47d98d4bb77fd Mon Sep 17 00:00:00 2001
From: Pierre Muller <pierre@freepascal.org>
Date: Wed, 12 Apr 2023 20:10:44 +0200
Subject: [PATCH] Avoid read past buffer end for empty source when checking for
 utf-8 signature

---
 compiler/scanner.pas | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/compiler/scanner.pas b/compiler/scanner.pas
index c98003f349..6845be0c54 100644
--- a/compiler/scanner.pas
+++ b/compiler/scanner.pas
@@ -3721,7 +3721,8 @@ type
                  begin
                    c:=inputpointer^;
                    { eat utf-8 signature? }
-                   if (ord(inputpointer^)=$ef) and
+                   if (bufsize>2) and
+                     (ord(inputpointer^)=$ef) and
                      (ord((inputpointer+1)^)=$bb) and
                      (ord((inputpointer+2)^)=$bf) then
                      begin