Skip to content

Commit

Permalink
NTF: fix heap buffer overflow. Fixes https://bugs.chromium.org/p/oss-…
Browse files Browse the repository at this point in the history 
…fuzz/issues/detail?id=2135. Credit to OSS Fuzz

git-svn-id: https://svn.osgeo.org/gdal/trunk@38931 f0d54148-0727-0410-94bb-9a71ac55c965
  • Loading branch information
@rouault
rouault committed Jun 7, 2017
1 parent 48640d3 commit 9c3a4a4
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion gdal/ogr/ogrsf_frmts/ntf/ntffilereader.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -923,7 +923,8 @@ int NTFFileReader::ProcessAttRec( NTFRecord * poRecord,
if( nFWidth == 0 )
{
const char * pszData2 = poRecord->GetData();

if( iOffset + 2 >= poRecord->GetLength() )
break;
for( nEnd = iOffset + 2;
pszData2[nEnd] != '\\' && pszData2[nEnd] != '\0';
nEnd++ ) {}
Expand All @@ -946,6 +947,8 @@ int NTFFileReader::ProcessAttRec( NTFRecord * poRecord,
if( nFWidth == 0 )
{
iOffset = nEnd;
if( iOffset >= poRecord->GetLength() )
break;
if( pszData[iOffset] == '\\' )
iOffset++;
}
Expand Down

0 comments on commit 9c3a4a4

Please sign in to comment.