From d2b0877bd88377fdd3da9b4cb4f763d8a6f831c3 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Tue, 10 Aug 2021 10:48:15 +0200
Subject: Merge pull request #2795 from rouault/fix_ossfuzz_36751

Conversion::createUTM(): avoid integer overflow
---
 scripts/create_c_api_projections.py   | 9 ++++++---
 src/iso19111/operation/conversion.cpp | 3 +++
 test/unit/test_c_api.cpp              | 9 ++++++++-
 3 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/scripts/create_c_api_projections.py b/scripts/create_c_api_projections.py
index 1682b160..323b54ed 100755
--- a/scripts/create_c_api_projections.py
+++ b/scripts/create_c_api_projections.py
@@ -167,8 +167,11 @@ for sectiondef in compounddef.iter('sectiondef'):
             test_cppfile.write("{\n")
             test_cppfile.write("    auto projCRS = proj_create_conversion_" + c_shortName + "(\n")
             test_cppfile.write("        m_ctxt")
-            for param in params:
-                test_cppfile.write(", 0")
+            if c_shortName == 'utm':
+                test_cppfile.write(", 1")
+            else:
+                for param in params:
+                    test_cppfile.write(", 0")
             if has_angle:
                 test_cppfile.write(", \"Degree\", 0.0174532925199433")
             if has_linear:
@@ -184,4 +187,4 @@ cppfile.write("/* END: Generated by scripts/create_c_api_projections.py*/\n")
 
 test_cppfile.write("/* END: Generated by scripts/create_c_api_projections.py*/\n")
 
-print('projections.h and .cpp, and test_projections.cpp have been generated. Manually merge them now')
\ No newline at end of file
+print('projections.h and .cpp, and test_projections.cpp have been generated. Manually merge them now')
diff --git a/src/iso19111/operation/conversion.cpp b/src/iso19111/operation/conversion.cpp
index e2e77562..e884db3c 100644
--- a/src/iso19111/operation/conversion.cpp
+++ b/src/iso19111/operation/conversion.cpp
@@ -331,6 +331,9 @@ Conversion::create(const util::PropertyMap &properties,
  */
 ConversionNNPtr Conversion::createUTM(const util::PropertyMap &properties,
                                       int zone, bool north) {
+    if (zone < 1 || zone > 60) {
+        throw InvalidOperation("Invalid zone number");
+    }
     return create(
         getUTMConversionProperty(properties, zone, north),
         EPSG_CODE_METHOD_TRANSVERSE_MERCATOR,
diff --git a/test/unit/test_c_api.cpp b/test/unit/test_c_api.cpp
index 34f32c19..2a82af64 100644
--- a/test/unit/test_c_api.cpp
+++ b/test/unit/test_c_api.cpp
@@ -2373,10 +2373,17 @@ TEST_F(CApi, check_coord_op_obj_can_be_used_with_proj_trans) {
 // ---------------------------------------------------------------------------
 
 TEST_F(CApi, proj_create_projections) {
+    {
+        constexpr int invalid_zone_number = 0;
+        auto projCRS =
+            proj_create_conversion_utm(m_ctxt, invalid_zone_number, 0);
+        ObjectKeeper keeper_projCRS(projCRS);
+        ASSERT_EQ(projCRS, nullptr);
+    }
 
     /* BEGIN: Generated by scripts/create_c_api_projections.py*/
     {
-        auto projCRS = proj_create_conversion_utm(m_ctxt, 0, 0);
+        auto projCRS = proj_create_conversion_utm(m_ctxt, 1, 0);
         ObjectKeeper keeper_projCRS(projCRS);
         ASSERT_NE(projCRS, nullptr);
     }
-- 
cgit v1.2.3