jbenet
diff --git a/‎bson/_cbsonmodule.c‎
Lines changed: 6 additions & 0 deletions b/‎bson/_cbsonmodule.c‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎test/test_bson.py‎
Lines changed: 1 addition & 0 deletions b/‎test/test_bson.py‎
Lines changed: 1 addition & 0 deletions
@@ -1235,6 +1235,12 @@ static PyObject* elements_to_dict(const char* string, int max,
  while (position < max) {
  int type = (int)string[position++];
  int name_length = strlen(string + position);
+ if (position + name_length >= max) {
+ PyObject* InvalidBSON = _error("InvalidBSON");
+ PyErr_SetNone(InvalidBSON);
+ Py_DECREF(InvalidBSON);
+ return NULL;
+ }
  PyObject* name = PyUnicode_DecodeUTF8(string + position, name_length, "strict");
  PyObject* value;
  if (!name) {
 
@@ -68,6 +68,7 @@ def test_basic_validation(self):
  self.assertFalse(is_valid("\x05\x00\x00\x00\x01"))
  self.assertFalse(is_valid("\x05\x00\x00\x00"))
  self.assertFalse(is_valid("\x05\x00\x00\x00\x00\x00"))
+ self.assertFalse(is_valid("\x07\x00\x00\x00\x02a\x00\x78\x56\x34\x12"))
 
  def test_random_data_is_not_bson(self):
  qcheck.check_unittest(self, qcheck.isnt(is_valid),