Protect against CRAM slice end going beyond end of reference.

This was checked for with aligned data, but unmapped "placed" reads could start beyind the reference end and cr->aend was dutifully set where it claimed to start. This could cause buffer read-overruns when computing the reference md5. Fixes samtools#1698, fixes samtools#1700
jkbonfield · Nov 16, 2023 · 569fc95 · 569fc95
1 parent 2e89e80
commit 569fc95
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/cram/cram_encode.c b/cram/cram_encode.c
@@ -3556,7 +3556,7 @@ static int process_one_read(cram_fd *fd, cram_container *c,
         cr->cigar  = 0;
         cr->ncigar = 0;
         cr->nfeature = 0;
-        cr->aend = cr->apos;
+        cr->aend = MIN(cr->apos, c->ref_end);
         for (i = 0; i < cr->len; i++)
             if (cram_stats_add(c->stats[DS_BA], seq[i]) < 0)
                 goto block_err;