Skip to content

Commit 54605bd

Browse files
authored
CDRIVER-5680 Address potential integer overflow when validating old binary data length (#1718)
1 parent 219bacb commit 54605bd

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/libbson/src/bson/bson-iter.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -641,7 +641,7 @@ _bson_iter_next_internal (bson_iter_t *iter, /* INOUT */
641641
/* subtype 2 has a redundant length header in the data */
642642
memcpy (&binary_len, (iter->raw + iter->d3), sizeof (binary_len));
643643
binary_len = BSON_UINT32_FROM_LE (binary_len);
644-
if (binary_len + 4 != l) {
644+
if (binary_len != l - 4) {
645645
iter->err_off = iter->d3;
646646
goto mark_invalid;
647647
}

0 commit comments

Comments
 (0)