From 12beff10140755da6182026c39bd0577ddabab08 Mon Sep 17 00:00:00 2001
From: Tyler Hallada <tyler@hallada.net>
Date: Sat, 12 Jun 2021 22:54:10 -0400
Subject: [PATCH] Prevent reading past TES4 record in header parse

Bump version to 0.1.3
---
 Cargo.lock    | 2 +-
 Cargo.toml    | 2 +-
 src/parser.rs | 9 ++++++---
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index e469a92..3efa303 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -232,7 +232,7 @@ dependencies = [
 
 [[package]]
 name = "skyrim-cell-dump"
-version = "0.1.2"
+version = "0.1.3"
 dependencies = [
  "anyhow",
  "argh",
diff --git a/Cargo.toml b/Cargo.toml
index 1918b7f..f6a08cb 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "skyrim-cell-dump"
-version = "0.1.2"
+version = "0.1.3"
 edition = "2018"
 authors = ["Tyler Hallada <tyler@hallada.net>"]
 description = "Library and binary for parsing Skyrim plugin files and extracting CELL data"
diff --git a/src/parser.rs b/src/parser.rs
index dac9f17..534c80b 100644
--- a/src/parser.rs
+++ b/src/parser.rs
@@ -263,12 +263,14 @@ fn parse_group_data<'a>(
 }
 
 fn parse_plugin_header(input: &[u8]) -> IResult<&[u8], PluginHeader> {
-    let (mut input, _tes4) = verify(parse_record_header, |record_header| {
+    let (mut input, tes4) = verify(parse_record_header, |record_header| {
         record_header.record_type == "TES4"
     })(input)?;
-    let (remaining, _hedr) = verify(parse_field_header, |field_header| {
+    let mut consumed_bytes = 0;
+    let (remaining, hedr) = verify(parse_field_header, |field_header| {
         field_header.field_type == "HEDR"
     })(input)?;
+    consumed_bytes += hedr.size as u32 + 6;
     input = remaining;
     let (remaining, (version, num_records_and_groups, next_object_id)) = parse_hedr_fields(input)?;
     input = remaining;
@@ -276,8 +278,9 @@ fn parse_plugin_header(input: &[u8]) -> IResult<&[u8], PluginHeader> {
     let mut description = None;
     let mut masters = vec![];
     let mut large_size = None;
-    loop {
+    while consumed_bytes < tes4.size as u32 {
         let (remaining, field) = parse_field_header(input)?;
+        consumed_bytes += field.size as u32 + 6;
         input = remaining;
         match field.field_type {
             "CNAM" => {