fix out of boundary read

2 files changed, 22 insertions, 1 deletions

diff --git a/library/cpp/yson/detail.h b/library/cpp/yson/detail.h
index 27f5e8ffff..96b35f965c 100644
--- a/library/cpp/yson/detail.h
+++ b/library/cpp/yson/detail.h
@@ -214,7 +214,7 @@ namespace NYson {
             }
 
             bool ReadVarint32Fallback(ui32* value) {
-                if (BeginByte() + MaxVarint32Bytes <= EndByte() ||
+                if (BeginByte() + MaxVarintBytes <= EndByte() ||
                     // Optimization:  If the Varint ends at exactly the end of the buffer,
                     // we can detect that and still use the fast path.
                     (BeginByte() < EndByte() && !(EndByte()[-1] & 0x80)))
diff --git a/library/cpp/yson/ut/yson_ut.cpp b/library/cpp/yson/ut/yson_ut.cpp
new file mode 100644
index 0000000000..b381bbabb8
--- /dev/null
+++ b/library/cpp/yson/ut/yson_ut.cpp
@@ -0,0 +1,21 @@
+#include <library/cpp/yson/parser.h>
+#include <library/cpp/yson/writer.h>
+
+#include <library/cpp/testing/gtest/gtest.h>
+
+#include <util/stream/mem.h>
+
+using namespace NYson;
+
+TEST(TTestYson, YT_17658)
+{
+   const auto data = TStringBuf{"\x01\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc"};
+
+    auto input = TMemoryInput{data};
+
+    TStringStream out;
+    {
+        TYsonWriter writer(&out, EYsonFormat::Text);
+        EXPECT_THROW(ParseYsonStringBuffer(data, &writer), std::exception);
+    }
+}