From 2191ee0d2070950c571792caf63fb4bbd4176c14cba7d546aba7491c33f72e12 Mon Sep 17 00:00:00 2001
From: Sergey Matveev
Date: Wed, 11 Dec 2024 14:43:34 +0300
Subject: [PATCH] Missing buffer size check

Found immediately by fuzz test.

---
 gyac/convert-fuzz-input-to-testdata | 6 ++++++
 gyac/dec.go | 4 ++++
 gyac/fuzz_test.go | 11 +++++++++++
 3 files changed, 21 insertions(+)
 create mode 100755 gyac/convert-fuzz-input-to-testdata
 create mode 100644 gyac/fuzz_test.go

diff --git a/gyac/convert-fuzz-input-to-testdata b/gyac/convert-fuzz-input-to-testdata
new file mode 100755
index 0000000..c4386e3
--- /dev/null
+++ b/gyac/convert-fuzz-input-to-testdata
@@ -0,0 +1,6 @@
+#!/bin/sh -e
+
+dst=testdata/fuzz/FuzzItemDecode
+mkdir -p $dst
+# go install golang.org/x/tools/cmd/file2fuzz@latest
+file2fuzz -o $dst fuzz-input
diff --git a/gyac/dec.go b/gyac/dec.go
index 7accd44..085b4a9 100644
--- a/gyac/dec.go
+++ b/gyac/dec.go
@@ -189,6 +189,10 @@ func AtomDecode(buf []byte) (item *Item, off int, err error) {
 	}
 	var bin *Item
 	var binOff int
+	if len(buf) < 2 {
+		err = ErrNotEnough
+		return
+	}
 	if buf[1]&AtomStrings == 0 {
 		err = errors.New("wrong int value")
 		return
diff --git a/gyac/fuzz_test.go b/gyac/fuzz_test.go
new file mode 100644
index 0000000..37195da
--- /dev/null
+++ b/gyac/fuzz_test.go
@@ -0,0 +1,11 @@
+package gyac
+
+import (
+	"testing"
+)
+
+func FuzzItemDecode(f *testing.F) {
+	f.Fuzz(func(t *testing.T, b []byte) {
+		ItemDecode(b)
+	})
+}
-- 
2.50.0
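Review bot: `$dst` is expanded unquoted in `mkdir -p $dst` and `file2fuzz -o $dst fuzz-input`; the value has no whitespace today, but the script is a one-off helper and quoting costs nothing: `mkdir -p "$dst"` and `file2fuzz -o "$dst" fuzz-input`. The script also silently assumes a `fuzz-input` file in the current directory and that it is run from `gyac/` (the `testdata/fuzz/FuzzItemDecode` path is relative), neither of which is stated; a comment such as `# run from gyac/; expects the raw crasher bytes in ./fuzz-input` at the top would make the precondition visible, and `set -e` will at least stop it when the file is missing.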
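Review bot: The new guard is placed right before the `buf[1]` read, but AtomDecode's body starts before this hunk, so earlier reads of `buf[0]` (and any other branch of the function that reaches past the first byte) are presumably covered by separate checks that are not visible here; it is worth confirming that every index into `buf` in this function sits behind a length check, since the fuzz target only finds the first panic per run. The guard also sits between the `var bin`/`var binOff` declarations and the byte it protects, which makes it easy to read as unrelated to them; a short comment such as `// second byte carries the int/strings flag tested below` would tie it to the `buf[1]&AtomStrings` test on the next line. Using the existing `ErrNotEnough` sentinel rather than a fresh `errors.New` is consistent with the rest of the decoder and keeps the error distinguishable for callers that use errors.Is.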
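Review bot: The fuzz body discards everything ItemDecode returns, so the target only catches panics and never checks that a successful decode stays within its input. If ItemDecode returns the consumed offset the way AtomDecode does, a one-line invariant strengthens it without slowing the run: `if _, off, err := ItemDecode(b); err == nil && off > len(b) { t.Fatalf("off %d > len %d", off, len(b)) }` (adjust to the actual return shape). Consider also adding a few `f.Add(...)` seed entries from known-good encodings so the corpus starts from valid structures rather than only the crasher converted by the new script.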