From 4b10090f7091b839a10f3b674dc1f9e017e0579c Mon Sep 17 00:00:00 2001
From: albertexye <albertexye@gmail.com>
Date: Mon, 1 Apr 2024 14:19:01 -0400
Subject: [PATCH] perform boundary check before searching to prevent security
 vulnerabilities

---
 src/str.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/str.cpp b/src/str.cpp
index b0308ffb..b6ca04d2 100644
--- a/src/str.cpp
+++ b/src/str.cpp
@@ -266,6 +266,7 @@ int utf8len(unsigned char c, bool suppress){
     }
 
     int Str::index(const Str& sub, int start) const {
+        if (start < 0 || start >= this->u8_length()) return -1;
         auto p = std::search(data + start, data + size, sub.data, sub.data + sub.size);
         if(p == data + size) return -1;
         return p - data;