ob_tran: detect potential recursion

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12266
Credit to OSS Fuzz

1 files changed, 10 insertions, 6 deletions

diff --git a/src/projections/ob_tran.cpp b/src/projections/ob_tran.cpp
index 6daae394..f9eaa6f0 100644
--- a/src/projections/ob_tran.cpp
+++ b/src/projections/ob_tran.cpp
@@ -154,6 +154,11 @@ static ARGS ob_tran_target_params (paralist *params) {
         if (0!=strncmp (args.argv[i], "o_proj=", 7))
             continue;
         args.argv[i] += 2;
+        if (strcmp(args.argv[i], "proj=ob_tran") == 0 ) {
+            pj_dealloc (args.argv);
+            args.argc = 0;
+            args.argv = nullptr;
+        }
         break;
     }
 
@@ -164,7 +169,6 @@ static ARGS ob_tran_target_params (paralist *params) {
 
 PJ *PROJECTION(ob_tran) {
     double phip;
-    char *name;
     ARGS args;
     PJ *R; /* projection to rotate */
 
@@ -176,15 +180,15 @@ PJ *PROJECTION(ob_tran) {
     P->destructor = destructor;
 
     /* get name of projection to be translated */
-    if (!(name = pj_param(P->ctx, P->params, "so_proj").s))
+    if (pj_param(P->ctx, P->params, "so_proj").s == nullptr)
         return destructor(P, PJD_ERR_NO_ROTATION_PROJ);
 
-    /* avoid endless recursion */
-    if( strcmp(name, "ob_tran") == 0 )
-        return destructor(P, PJD_ERR_FAILED_TO_FIND_PROJ);
-
     /* Create the target projection object to rotate */
     args = ob_tran_target_params (P->params);
+    /* avoid endless recursion */
+    if (args.argv == nullptr ) {
+        return destructor(P, PJD_ERR_FAILED_TO_FIND_PROJ);
+    }
     R = pj_init_ctx (pj_get_ctx(P), args.argc, args.argv);
     pj_dealloc (args.argv);