Stricter limit on POS in vcf_parse()

Limiting POS to 62 bits helps avoid the risk of signed overflow when it's set to a very extreme value. The maximum is still much higher than the length of the longest currently known reference.
samtools · Jul 30, 2024 · 555802f · 555802f
1 parent 9a4b660
commit 555802f
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/vcf.c b/vcf.c
@@ -3703,7 +3703,7 @@ int vcf_parse(kstring_t *s, const bcf_hdr_t *h, bcf1_t *v)
 
     overflow = 0;
     char *tmp = p;
-    v->pos = hts_str2uint(p, &p, 63, &overflow);
+    v->pos = hts_str2uint(p, &p, 62, &overflow);
     if (overflow) {
         hts_log_error("Position value '%s' is too large", tmp);
         goto err;