influxdata · gggevorgyan · Jan 11, 2023 · Feb 19, 2024 · gwossum · Feb 15, 2024
diff --git a/tsdb/engine/tsm1/reader.go b/tsdb/engine/tsm1/reader.go
@@ -1233,6 +1233,10 @@ func (d *indirectIndex) UnmarshalBinary(b []byte) error {
 			return fmt.Errorf("indirectIndex: not enough data for index entries count")
 		}
 		count := int32(binary.BigEndian.Uint16(b[i : i+indexCountSize]))
+
+		if count <= 0 {
+			return fmt.Errorf("invalid index %d; count must be greater than 0", count)
+		}
 		i += indexCountSize
 
 		// Find the min time for the block
@@ -1350,7 +1354,7 @@ func (m *mmapAccessor) init() (*indirectIndex, error) {
 
 	indexOfsPos := len(m.b) - 8
 	indexStart := binary.BigEndian.Uint64(m.b[indexOfsPos : indexOfsPos+8])
-	if indexStart >= uint64(indexOfsPos) {
+	if indexStart >= uint64(indexOfsPos) || (uint64(indexOfsPos)-indexStart) > math.MaxInt32 {
 		return nil, fmt.Errorf("mmapAccessor: invalid indexStart")
 	}