From d8b6f09cc14191ceef32ef7371604b70a678a0e9 Mon Sep 17 00:00:00 2001
From: Zhengguo Yang <yangzhgg@gmail.com>
Date: Thu, 15 Sep 2022 08:43:10 +0800
Subject: [PATCH] [Bugfix](string_functions) fix heap-buffer-overflow on
 find_in_set (#12613)

---
 be/src/exprs/string_functions.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/be/src/exprs/string_functions.cpp b/be/src/exprs/string_functions.cpp
index fb6e0f5f98..32a4261e41 100644
--- a/be/src/exprs/string_functions.cpp
+++ b/be/src/exprs/string_functions.cpp
@@ -710,7 +710,7 @@ IntVal StringFunctions::find_in_set(FunctionContext* context, const StringVal& s
     do {
         end = start;
         // Position end.
-        while (str_set.ptr[end] != ',' && end < str_set.len) {
+        while (end < str_set.len && str_set.ptr[end] != ',') {
             ++end;
         }
         StringValue token(reinterpret_cast<char*>(str_set.ptr) + start, end - start);