Commit 33a84e1b0ebba8200cba42eb504228363b9b2e71
2024-06-27T09:41:06
buf_inspect_struct: bounds check for data + offset
diff --git a/libc3/buf_inspect.c b/libc3/buf_inspect.c
index 8ef2266..bb3a6c8 100644
--- a/libc3/buf_inspect.c
+++ b/libc3/buf_inspect.c
@@ -2292,6 +2292,7 @@ sw buf_inspect_struct (s_buf *buf, const s_struct *s)
if (s->data) {
if (! tag_type(s->type->map.value + i, &type))
return -1;
+ assert(s->type->offset[i] < s->type->size);
if ((r = data_buf_inspect(type, buf, (char *) s->data +
s->type->offset[i])) < 0)
return r;