From a1fc0ce4b4eb36376845437584492cb756b65433 Mon Sep 17 00:00:00 2001
From: BodgeMaster <>
Date: Mon, 15 Aug 2022 12:02:58 +0200
Subject: [PATCH] lib/nbt: Fix a possible buffer overflow in readString()

---
 src/lib/nbt.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/lib/nbt.cpp b/src/lib/nbt.cpp
index 0dd3e4e..d65fe42 100644
--- a/src/lib/nbt.cpp
+++ b/src/lib/nbt.cpp
@@ -154,6 +154,9 @@ namespace NBT {
 if (stringSize.isError) {
 return ErrorOr(true, stringSize.errorCode);
 }
+ if (currentPosition + (uint64_t) stringSize.value + 2 > dataSize) {
+ return ErrorOr(true, ErrorCodes::OVERRUN);
+ }
 ErrorOr output = JavaCompat::importJavaString(data+currentPosition, stringSize.value);
 if(output.isError){