E00GRID: fix heap buffer overflow. Fixes https://bugs.chromium.org/p/…

…oss-fuzz/issues/detail?id=2182. Credit to OSS Fuzz git-svn-id: https://svn.osgeo.org/gdal/trunk@39018 f0d54148-0727-0410-94bb-9a71ac55c965
OSGeo · Jun 9, 2017 · e1c5770 · e1c5770
1 parent 9ea2f8f
commit e1c5770
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/gdal/frmts/e00grid/e00read.c b/gdal/frmts/e00grid/e00read.c
@@ -490,7 +490,7 @@ static const char *_UncompressNextLine(E00ReadPtr psInfo)
                  */
                 c = _GetNextSourceChar(psInfo);
                 n = c - ' ';
-                for(i=0; i<n; i++)
+                for(i=0; i<n && iOutBufPtr <= 80; i++)
                     psInfo->szOutBuf[iOutBufPtr++] = ' ';
                 bPreviousCodeWasNumeric = 0;
             }
@@ -564,7 +564,7 @@ static const char *_UncompressNextLine(E00ReadPtr psInfo)
                  */
                 iCurDigit = 0;
                 while((c=_GetNextSourceChar(psInfo)) != '\0' &&
-                      c != ' ' && c != '~')
+                      c != ' ' && c != '~' && iOutBufPtr <= 80 )
                 {
                     n = c - '!';
                     if (n == 92 && (c=_GetNextSourceChar(psInfo)) != '\0')