From ab22e8408c4710e9462ff4c4f2b3fb4325cfe42e Mon Sep 17 00:00:00 2001
From: James Bonfield
Date: Wed, 15 Sep 2021 16:50:50 +0100
Subject: [PATCH] Move the "start<1" error check in cram_get_ref to before thread locking.

This fixes #1329, which was discovered by code scanning and reported by Github @ryancaicse. I do not believe it is likely to be triggered, but the value of this file can sometimes come from a CRAM file so it is possible malformed data could lead to a threading deadlock. (Untested)
---
cram/cram_io.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/cram/cram_io.c b/cram/cram_io.c
index 92102ffd7..e87aa7fa0 100644
--- a/cram/cram_io.c
+++ b/cram/cram_io.c
@@ -3363,7 +3363,7 @@ char *cram_get_ref(cram_fd *fd, int id, int start, int end) {
char *seq;
int ostart = start;
- if (id == -1)
+ if (id == -1 || start < 1)
return NULL;
/* FIXME: axiomatic query of r->seq being true?
@@ -3439,8 +3439,6 @@ char *cram_get_ref(cram_fd *fd, int id, int start, int end) {
end = r->length;
if (end >= r->length)
end = r->length;
- if (start < 1)
- return NULL;
if (end - start >= 0.5*r->length || fd->shared_ref) {
start = 1;
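Review bot: The relocated guard `if (id == -1 || start < 1)` in the first hunk now carries a load-bearing ordering constraint (it must run before the lock the commit message refers to is taken) but nothing in the code says so, so a later tidy-up could move it back and reintroduce the deadlock; I would put `/* Validate id/start before any lock is taken below: returning NULL while holding the ref lock deadlocked later callers (#1329). */` directly above it. The guard still accepts `end` values smaller than `start` and `id` values other than the -1 sentinel, and the later clamping of `end` against `r->length` only bounds the upper side, so if any other early return between the lock acquisition and its release survives outside these hunks it has the same deadlock shape and is worth auditing in the same pass. The second hunk is a pure deletion of the old in-lock check. cram_get_ref's body starts and ends outside both hunks, so the lock/unlock pairing itself cannot be confirmed from here.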