Merge pull request #4944 from rouault/fix_ossfuzz_41993

PCIDSK: fix write heap-buffer-overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41993
OSGeo · Dec 4, 2021 · 1ca6a3e · 1ca6a3e
2 parents 9bcef6b + 93913a8
commit 1ca6a3e
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp b/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp
@@ -31,6 +31,7 @@
 #include "pcidsk_exception.h"
 #include "core/pcidsk_utils.h"
 
+#include <limits>
 #include <vector>
 #include <string>
 #include <cassert>
@@ -73,8 +74,12 @@ void CPCIDSKBinarySegment::Load()
     if (loaded_) {
         return;
     }
+    if( data_size - 1024 > static_cast<uint64_t>(std::numeric_limits<int>::max()) )
+    {
+        return ThrowPCIDSKException("too large data_size");
+    }
 
-    seg_data.SetSize((int)data_size - 1024);
+    seg_data.SetSize((int)(data_size - 1024));
 
     ReadFromFile(seg_data.buffer, 0, data_size - 1024);