Fix buffer overflow (#218)

See oss-fuzz/28787
2025-09-18 09:50:07 +08:00 · 2020-12-18 19:42:11 -05:00
parent 78bbf4250e
commit 50c9bdfee6
1 changed files with 4 additions and 0 deletions
--- a/src/libmdb/map.c
+++ b/src/libmdb/map.c
@@ -24,6 +24,10 @@ mdb_map_find_next0(MdbHandle *mdb, unsigned char *map, unsigned int map_sz, guin
 	guint32 pgnum, i, usage_bitlen;
 	unsigned char *usage_bitmap;

+	if (map_sz < 5) {
+		return 0;
+	}
+
 	pgnum = mdb_get_int32(map, 1);
 	usage_bitmap = map + 5;
 	usage_bitlen = (map_sz - 5) * 8;