assertThrows(EOFException.class, () -> {
            ASN1Util.readLength(s, 100, false);
        });
    }

    @Test
    void testReadLength_OutOfBounds() {
        // Length out of bounds
        InputStream s = new ByteArrayInputStream(new byte[] { (byte) 0x81, (byte) 0xFF }); // length 255
        assertThrows(IOException.class, () -> {
            ASN1Util.readLength(s, 200, false); // limit 200
        });

            when(mockReferral.getNode()).thenReturn("\\server\\share\\path");

            String reqPath = "\\\\server\\share\\path\\file";
            // Ensure consumed is within bounds to avoid StringIndexOutOfBoundsException
            consumed = Math.min(consumed, reqPath.length());

        if (length >= limit && !isParsing) // after all we must have read at least 1 byte
        {
            throw new IOException("corrupted stream - out of bounds length found: " + length + " >= " + limit);
        }

        return length;
    }

    `SparseDenseCwiseMul`
    ([CVE-2021-29567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29567))
*   Fixes a heap out of bounds read in `MaxPoolGradWithArgmax`
    ([CVE-2021-29570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29570))
*   Fixes a heap out of bounds read in `RequantizationRange`
    ([CVE-2021-29569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29569))

    }

    @Test
    void testResolveSidsWithOffsetAndLength_OutOfBounds() throws CIFSException {
        doThrow(new CIFSException("Array index out of bounds")).when(sidResolver)
                .resolveSids(any(CIFSContext.class), anyString(), any(SID[].class), eq(5), anyInt());

        assertThrows(IllegalArgumentException.class,
                () -> InputValidator.validateSmb2BufferSize(InputValidator.MAX_SMB2_BUFFER_SIZE + 1, "test"));
    }

    @Test
    @DisplayName("Test array bounds validation")
    void testArrayBounds() {
        byte[] src = new byte[100];
        byte[] dst = new byte[100];

        assertDoesNotThrow(() -> InputValidator.validateArrayBounds(src, 0, dst, 0, 100));

//
// If index is out of bounds, an error code will be set in the status object,
// and -1 will be returned.
TF_CAPI_EXPORT extern int64_t TF_DeviceListMemoryBytes(
    const TF_DeviceList* list, int index, TF_Status* status);

// Retrieve the incarnation number of a given device.
//
// If index is out of bounds, an error code will be set in the status object,
// and 0 will be returned.

        void testDecodeWithBufferOverflow() {
            assertThrows(SMBProtocolDecodingException.class, () -> testResponse.decode(testBuffer, 250, 10),
                    "Should throw exception when reading beyond buffer bounds");
        }

        @Test
        @DisplayName("Should handle zero-length decode")
        void testDecodeWithZeroLength() throws SMBProtocolDecodingException {

        srvsvc.ShareInfo502 info502 = new srvsvc.ShareInfo502();
        info502.security_descriptor = new byte[] { 1, 2, 3, 4 };
        info502.sd_size = 100; // Mismatched size - SecurityDescriptor will try to read beyond array bounds

        // Replace info field
        Field infoField = msrpcShareGetInfo.getClass().getSuperclass().getDeclaredField("info");
        infoField.setAccessible(true);
        infoField.set(msrpcShareGetInfo, info502);

    void testMethodsWithIndicesBeyondBuffer() {
        // Arrange
        byte[] buffer = new byte[10];
        int beyondIndex = 20;

        // Act & Assert
        // These methods don't validate buffer bounds, so they return 0
        assertEquals(0, response.writeSetupWireFormat(buffer, beyondIndex));
        assertEquals(0, response.writeParametersWireFormat(buffer, beyondIndex));