From 351530055fc42fb05e2cda71eca98673f6b31811 Mon Sep 17 00:00:00 2001
From: ksuprynowicz <ksuprynowicz@post.pl>
Date: Sun, 25 Feb 2024 22:19:05 +0100
Subject: [PATCH] Check for out-of-bounds in GLTFSerializer

---
 libraries/model-serializers/src/GLTFSerializer.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libraries/model-serializers/src/GLTFSerializer.cpp b/libraries/model-serializers/src/GLTFSerializer.cpp
index 5a1676f6d7..68a2fcecd9 100644
--- a/libraries/model-serializers/src/GLTFSerializer.cpp
+++ b/libraries/model-serializers/src/GLTFSerializer.cpp
@@ -317,6 +317,11 @@ bool GLTFSerializer::buildGeometry(HFMModel& hfmModel, const hifi::VariantHash&
                     size_t matrixIndex = jointNodeIndex;
                     std::vector<float>& value = inverseBindValues[s];
                     size_t matrixCount = 16 * matrixIndex;
+                    if (matrixCount + 15 >= value.size()) {
+                        qDebug(modelformat) << "GLTFSerializer::buildGeometry: not enough entries in jointInverseBindTransforms: " << _url;
+                        hfmModel.loadErrorCount++;
+                        return false;
+                    }
                     jointInverseBindTransforms[jointIndex] =
                         glm::mat4(value[matrixCount], value[matrixCount + 1], value[matrixCount + 2], value[matrixCount + 3],
                             value[matrixCount + 4], value[matrixCount + 5], value[matrixCount + 6], value[matrixCount + 7],