Prevent extend_ref from making huge mallocs on very sparse data.

If we have a few reads with 64-bit positions widly far apart, we could attempt to allocate huge sums of memory. The embedded reference isn't even helpful in this scenario, so we can limit this allocation to something more respectable. Fixes #1699
samtools · Nov 20, 2023 · 0ab97e3 · 0ab97e3
1 parent 86691e8
commit 0ab97e3
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/cram/cram_encode.c b/cram/cram_encode.c
@@ -1454,6 +1454,12 @@ static inline int extend_ref(char **ref, uint32_t (**hist)[5], hts_pos_t pos,
     if (pos < *ref_end)
         return 0;
 
+    // Refuse to work on excessively large blocks.
+    // We'll just switch to referenceless encoding, which is probably better
+    // here as this must be very sparse data anyway.
+    if (*ref_end - ref_start > UINT_MAX/sizeof(**hist))
+        return -1;
+
     // realloc
     hts_pos_t old_end = *ref_end ? *ref_end : ref_start;
     hts_pos_t new_end = *ref_end = ref_start + 1000 + (pos-ref_start)*1.5;