From 32f64d32dfcf526fd5d4384f5caec78ea4dc065a Mon Sep 17 00:00:00 2001 From: Evan Miller Date: Sat, 4 May 2024 08:37:46 -0400 Subject: [PATCH] [SAS7BCAT reader] fix bounds check Closes #299 Closes #303 --- src/sas/readstat_sas7bcat_read.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sas/readstat_sas7bcat_read.c b/src/sas/readstat_sas7bcat_read.c index b3e14f0..61a1e96 100644 --- a/src/sas/readstat_sas7bcat_read.c +++ b/src/sas/readstat_sas7bcat_read.c @@ -60,7 +60,7 @@ static readstat_error_t sas7bcat_parse_value_labels(const char *value_start, siz /* Pass 1 -- find out the offset of the labels */ for (i=0; i value_labels_len || sas_read2(&lbp1[2], ctx->bswap) < 0) { + if (&lbp1[4] - value_start > value_labels_len || sas_read2(&lbp1[2], ctx->bswap) < 0) { retval = READSTAT_ERROR_PARSE; goto cleanup; }