From 31258214ed9360e5848889f1b9a68cc5845cc8cb Mon Sep 17 00:00:00 2001
From: Hasini Gunasinghe <hasinitg@google.com>
Date: Fri, 21 Jan 2022 01:50:17 +0000
Subject: Add input validation for 'parseRecursively' method.

Bug: 192743373
Test: To be verified with fuzzer test case.
Merged-In: If052fcb2b2bbc5e0bfc8cfccc51cef11b9914017
Change-Id: I0b553d58863aaa85004a7bc576fb524df31af44a
---
 src/cppbor_parse.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src')

diff --git a/src/cppbor_parse.cpp b/src/cppbor_parse.cpp
index 964a72d..23ebd6b 100644
--- a/src/cppbor_parse.cpp
+++ b/src/cppbor_parse.cpp
@@ -195,6 +195,13 @@ std::tuple<const uint8_t*, ParseClient*> handleCompound(
 
 std::tuple<const uint8_t*, ParseClient*> parseRecursively(const uint8_t* begin, const uint8_t* end,
                                                           bool emitViews, ParseClient* parseClient) {
+    if (begin == end) {
+        parseClient->error(
+                begin,
+                "Input buffer is empty.");
+        return {begin, nullptr};
+    }
+
     const uint8_t* pos = begin;
 
     MajorType type = static_cast<MajorType>(*pos & 0xE0);
-- 
cgit v1.2.3