Skip to content

Commit

Permalink
Move the "start<1" error check in cram_get_ref to before thread locking.
Browse files Browse the repository at this point in the history 
This fixes #1329, which was discovered by code scanning and reported
by Github @ryancaicse.

I do not believe it is likely to be triggered, but the value of this
file can sometimes come from a CRAM file so it is possible malformed
data could lead to a threading deadlock. (Untested)
  • Loading branch information
@jkbonfield @whitwham
jkbonfield authored and whitwham committed Sep 28, 2021
1 parent dcf09a9 commit ab22e84
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions cram/cram_io.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3363,7 +3363,7 @@ char *cram_get_ref(cram_fd *fd, int id, int start, int end) {
char *seq;
int ostart = start;

if (id == -1)
if (id == -1 || start < 1)
return NULL;

/* FIXME: axiomatic query of r->seq being true?
Expand Down Expand Up @@ -3439,8 +3439,6 @@ char *cram_get_ref(cram_fd *fd, int id, int start, int end) {
end = r->length;
if (end >= r->length)
end = r->length;
if (start < 1)
return NULL;

if (end - start >= 0.5*r->length || fd->shared_ref) {
start = 1;
Expand Down

0 comments on commit ab22e84

Please sign in to comment.