From 1c60f4cc408e85aff78482659a80fe974ee5d57b Mon Sep 17 00:00:00 2001
From: Even Rouault
Date: Sat, 2 Feb 2019 09:44:44 +0100
Subject: PROJStringSyntaxParser: avoid assertion on illegal input. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12837. Credit to OSS Fuzz
---
 src/iso19111/io.cpp | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'src')
diff --git a/src/iso19111/io.cpp b/src/iso19111/io.cpp
index 3517c225..f854e21a 100644
--- a/src/iso19111/io.cpp
+++ b/src/iso19111/io.cpp
@@ -5285,6 +5285,8 @@ PROJStringSyntaxParser(const std::string &projString, std::vector &steps,
 const char *c_str = projString.c_str();
 std::vector tokens;
+ bool hasProj = false;
+ bool hasInit = false;
 {
 size_t i = 0;
 while (true) {
@@ -5313,6 +5315,13 @@ PROJStringSyntaxParser(const std::string &projString, std::vector &steps,
 if (token.empty()) {
 break;
 }
+ if (!hasProj &&
+ (starts_with(token, "proj=") || starts_with(token, "+proj="))) {
+ hasProj = true;
+ } else if (!hasInit && (starts_with(token, "init=") ||
+ starts_with(token, "+init="))) {
+ hasInit = true;
+ }
 tokens.emplace_back(token);
 }
 }
@@ -5320,14 +5329,6 @@ PROJStringSyntaxParser(const std::string &projString, std::vector &steps,
 bool prevWasTitle = false;
 if (projString.find("proj=pipeline") == std::string::npos) {
- const bool hasProj = projString.find("proj=") == 0 ||
- projString.find("+proj=") == 0 ||
- projString.find(" proj=") != std::string::npos ||
- projString.find(" +proj=") != std::string::npos;
- const bool hasInit = projString.find("init=") == 0 ||
- projString.find("+init=") == 0 ||
- projString.find(" init=") != std::string::npos ||
- projString.find(" +init=") != std::string::npos;
 if (hasProj || hasInit) {
 steps.push_back(Step());
 }
-- cgit v1.2.3
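Review bot: The pipeline test visible as context in the last hunk still runs `projString.find("proj=pipeline")` over the raw string, while `hasProj` and `hasInit` are now derived from the tokens in this loop, so the two views of the input can still disagree in the way the removed substring checks did (a match inside another parameter's value, for instance). Whether that mismatch can reach an assertion is not visible from these hunks, but for a parser that receives untrusted strings it is safer to decide everything from the tokens: add a separate statement ahead of the `if`/`else if` chain, `if (token == "proj=pipeline" || token == "+proj=pipeline") hasPipeline = true;`, and test `!hasPipeline` instead (use `starts_with` if a prefix match is intended). The diffstat touches only io.cpp, so the OSS-Fuzz reproducer is not yet pinned by a regression test. The body of PROJStringSyntaxParser starts and ends outside these hunks.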