From 7fee747db8e6090d02cf0359a3ec4c50b6019a19 Mon Sep 17 00:00:00 2001
From: orbisai0security
Date: Fri, 1 May 2026 05:30:43 +0000
Subject: [PATCH 1/2] fix: V-002 security vulnerability

Automated security fix generated by Orbis Security AI
---
 contrib/externalSequenceProducer/main.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/contrib/externalSequenceProducer/main.c b/contrib/externalSequenceProducer/main.c
index c81e9bf4097..0d9c191c21a 100644
--- a/contrib/externalSequenceProducer/main.c
+++ b/contrib/externalSequenceProducer/main.c
@@ -61,6 +61,7 @@ int main(int argc, char *argv[]) {
 assert(ret == 0);
 }
 
+ assert(srcSize != (size_t)-1); /* prevent integer overflow in malloc argument */
 char* const src = malloc(srcSize + 1);
 assert(src);
 {

From 8f67f70fa1ef8b3047f5c0573487fc3b2c7a7116 Mon Sep 17 00:00:00 2001
From: OrbisAI Security
Date: Mon, 4 May 2026 06:59:29 +0530
Subject: [PATCH 2/2] replacing asserts with explicit error handling

---
 contrib/externalSequenceProducer/main.c | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/contrib/externalSequenceProducer/main.c b/contrib/externalSequenceProducer/main.c
index 0d9c191c21a..fa4bb8abda3 100644
--- a/contrib/externalSequenceProducer/main.c
+++ b/contrib/externalSequenceProducer/main.c
@@ -55,15 +55,33 @@ int main(int argc, char *argv[]) {
 int const ret = fseek(f, 0, SEEK_END);
 assert(ret == 0);
 }
- size_t const srcSize = ftell(f);
+ long const fileSize = ftell(f);
+ if (fileSize < 0) {
+ fprintf(stderr, "ERROR: ftell failed\n");
+ fclose(f);
+ ZSTD_freeCCtx(zc);
+ return 1;
+ }
+
+ size_t const srcSize = (size_t)fileSize;
+ if (srcSize == SIZE_MAX) {
+ fprintf(stderr, "ERROR: input file too large\n");
+ fclose(f);
+ ZSTD_freeCCtx(zc);
+ return 1;
+ }
 {
 int const ret = fseek(f, 0, SEEK_SET);
 assert(ret == 0);
 }
 
- assert(srcSize != (size_t)-1); /* prevent integer overflow in malloc argument */
 char* const src = malloc(srcSize + 1);
- assert(src);
+ if (src == NULL) {
+ fprintf(stderr, "ERROR: allocation failed\n");
+ fclose(f);
+ ZSTD_freeCCtx(zc);
+ return 1;
+ }
 {
 size_t const ret = fread(src, srcSize, 1, f);
 assert(ret == 1);
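Review bot: The `assert(ret == 0)` after each fseek and the `assert(ret == 1)` after fread are left as asserts in the same hunk that converts the ftell and malloc failures into explicit checks, so under `NDEBUG` a failed seek or a short read is still silently accepted and whatever follows presumably consumes `src` with indeterminate contents. The new `if (srcSize == SIZE_MAX)` test is dead on any platform where `LONG_MAX < SIZE_MAX`: `fileSize` is a non-negative `long` at that point, so the cast can never yield `SIZE_MAX`; testing `if ((unsigned long)fileSize > SIZE_MAX - 1)` before the cast guards the `srcSize + 1` malloc argument on every platform, including ones where the cast would truncate. The three copies of `fclose(f); ZSTD_freeCCtx(zc); return 1;` would collapse into one `fail:` label at the end of `main`; the sketch below does that, checks fseek and fread explicitly, and uses `fread(src, 1, srcSize, f) != srcSize`, which also stops an empty input file from tripping the current `ret == 1` assert (`fread` with a zero element size returns 0). `main` starts and ends outside the hunk, so whether other resources acquired earlier also need releasing on these paths cannot be seen from here.
```c
    long const fileSize = ftell(f);
    if (fileSize < 0) {
        fprintf(stderr, "ERROR: ftell failed\n");
        goto fail;
    }
    /* Range-check before converting: once cast, a non-negative long can
     * never compare equal to SIZE_MAX when LONG_MAX < SIZE_MAX. */
    if ((unsigned long)fileSize > SIZE_MAX - 1) {
        fprintf(stderr, "ERROR: input file too large\n");
        goto fail;
    }
    size_t const srcSize = (size_t)fileSize;
    if (fseek(f, 0, SEEK_SET) != 0) {
        fprintf(stderr, "ERROR: fseek failed\n");
        goto fail;
    }
    char* const src = malloc(srcSize + 1);
    if (src == NULL) {
        fprintf(stderr, "ERROR: allocation failed\n");
        goto fail;
    }
    /* Byte-wise read so a short read is detected and a 0-byte file is legal. */
    if (fread(src, 1, srcSize, f) != srcSize) {
        fprintf(stderr, "ERROR: short read\n");
        free(src);
        goto fail;
    }
    /* … unchanged: compression and the normal return path … */
fail:
    fclose(f);
    ZSTD_freeCCtx(zc);
    return 1;
```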