Track the header size read in pj_gridinfo_init

Fixes #875 Found with autofuzz using MSAN: use-of-uninitialized-value
OSGeo · Mar 20, 2018 · 8e0c5db · 8e0c5db
1 parent 4cc3d91
commit 8e0c5db
Showing 1 changed file with 11 additions and 4 deletions.
diff --git a/src/pj_gridinfo.c b/src/pj_gridinfo.c
@@ -832,6 +832,7 @@ PJ_GRIDINFO *pj_gridinfo_init( projCtx ctx, const char *gridname )
     PJ_GRIDINFO *gilist;
     PAFile 	fp;
     char	header[160];
+    size_t      header_size = 0;
 
     errno = pj_errno = 0;
     ctx->last_errno = 0;
@@ -878,25 +879,31 @@ PJ_GRIDINFO *pj_gridinfo_init( projCtx ctx, const char *gridname )
 /* -------------------------------------------------------------------- */
 /*      Load a header, to determine the file type.                      */
 /* -------------------------------------------------------------------- */
-    if( pj_ctx_fread( ctx, header, sizeof(header), 1, fp ) != 1 )
+    if( (header_size = pj_ctx_fread( ctx, header, 1,
+                                     sizeof(header), fp ) ) != sizeof(header) )
     {
         /* some files may be smaller that sizeof(header), eg 160, so */
         ctx->last_errno = 0; /* don't treat as a persistent error */
+        pj_log( ctx, PJ_LOG_DEBUG_MAJOR,
+                "pj_gridinfo_init: short header read of %d bytes",
+                (int)header_size );
     }
 
     pj_ctx_fseek( ctx, fp, SEEK_SET, 0 );
 
 /* -------------------------------------------------------------------- */
 /*      Determine file type.                                            */
 /* -------------------------------------------------------------------- */
-    if( strncmp(header + 0, "HEADER", 6) == 0
+    if( header_size >= 144 + 16
+        && strncmp(header + 0, "HEADER", 6) == 0
         && strncmp(header + 96, "W GRID", 6) == 0
         && strncmp(header + 144, "TO      NAD83   ", 16) == 0 )
     {
         pj_gridinfo_init_ntv1( ctx, fp, gilist );
     }
 
-    else if( strncmp(header + 0, "NUM_OREC", 8) == 0
+    else if( header_size >= 48 + 7
+             && strncmp(header + 0, "NUM_OREC", 8) == 0
              && strncmp(header + 48, "GS_TYPE", 7) == 0 )
     {
         pj_gridinfo_init_ntv2( ctx, fp, gilist );
@@ -909,7 +916,7 @@ PJ_GRIDINFO *pj_gridinfo_init( projCtx ctx, const char *gridname )
         pj_gridinfo_init_gtx( ctx, fp, gilist );
     }
 
-    else if( strncmp(header + 0,"CTABLE V2",9) == 0 )
+    else if( header_size >= 9 && strncmp(header + 0,"CTABLE V2",9) == 0 )
     {
         struct CTABLE *ct = nad_ctable2_init( ctx, fp );