BUG: Backport GDCM out-of-bounds fix

Back for of GDCM 5829c95c8ac3afa9a3a3413675e948959c28a789

Fix VU#591834.1
Original report is:

Vulnerability VU#591834.1 (VU#591834)
Date Added: 2025-08-21
Description: An out-of-bounds read vulnerability exists in the
Grassroots DICOM library (GDCM), specifically within the
SequenceOfFragments::ReadValue method. The issue is triggered during
parsing of a malformed DICOM file containing encapsulated PixelData
fragments (compressed image data stored as multiple fragments).

Author: blowekamp

Modules/ThirdParty/GDCM/src/gdcm/Source/DataStructureAndEncodingDefinition/gdcmSequenceOfFragments.h

@@ -237,7 +237,7 @@ std::istream& ReadValue(std::istream &is, bool /*readvalues*/)
       const size_t lastf = Fragments.size() - 1;
       const ByteValue *bv = Fragments[ lastf ].GetByteValue();
       const char *a = bv->GetPointer();
-      gdcmAssertAlwaysMacro( (unsigned char)a[ bv->GetLength() - 3 ] == 0xfe );
+      gdcmAssertAlwaysMacro( bv->GetLength() >= 3 && (unsigned char)a[ bv->GetLength() - 3 ] == 0xfe );
       Fragments[ lastf ].SetByteValue( bv->GetPointer(), bv->GetLength() - 3 );
       is.seekg( -11, std::ios::cur );
       assert( is.good() );