From cbbdf8230ccade28906dbee1cc277d2bfb080526 Mon Sep 17 00:00:00 2001
From: Andy Ragusa <aragusa@cisco.com>
Date: Tue, 15 Feb 2022 09:38:51 -0800
Subject: [PATCH] Modified read condition in javascript normalizer

Modified conditional statement to test for an out of bounds index before
reading from that index.
---
 libclamav/jsparse/js-norm.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/libclamav/jsparse/js-norm.c b/libclamav/jsparse/js-norm.c
index bb033d619..4b572a3d4 100644
--- a/libclamav/jsparse/js-norm.c
+++ b/libclamav/jsparse/js-norm.c
@@ -649,9 +649,9 @@ static void handle_de(yystype *tokens, size_t start, const size_t cnt, const cha
                 for (j = 0; j < parameters_cnt && i < cnt; j++) {
                     parameters[j] = &tokens[i++];
                     if (j != parameters_cnt - 1)
-                        while (tokens[i].type != TOK_COMMA && i < cnt) i++;
+                        while (i < cnt && tokens[i].type != TOK_COMMA) i++;
                     else
-                        while (tokens[i].type != TOK_PAR_CLOSE && i < cnt) i++;
+                        while (i < cnt && tokens[i].type != TOK_PAR_CLOSE) i++;
                     i++;
                 }
                 if (j == parameters_cnt)
@@ -666,9 +666,9 @@ static void handle_de(yystype *tokens, size_t start, const size_t cnt, const cha
         for (j = 0; j < parameters_cnt && i < cnt; j++) {
             parameters[j] = &tokens[i++];
             if (j != parameters_cnt - 1)
-                while (tokens[i].type != TOK_COMMA && i < cnt) i++;
+                while (i < cnt && tokens[i].type != TOK_COMMA) i++;
             else
-                while (tokens[i].type != TOK_PAR_CLOSE && i < cnt) i++;
+                while (i < cnt && tokens[i].type != TOK_PAR_CLOSE) i++;
             i++;
         }
         if (j == parameters_cnt)