From 3ed6153400299db04163ffe8fd9fd785eb9ca12e Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Sat, 2 Feb 2019 11:13:12 +0100
Subject: createFromUserInput(): fix infinite recursion. Fixes
 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12842. Credit to OSS
 Fuzz

---
 src/iso19111/io.cpp | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/iso19111/io.cpp b/src/iso19111/io.cpp
index f854e21a..1f4a7c8b 100644
--- a/src/iso19111/io.cpp
+++ b/src/iso19111/io.cpp
@@ -5287,6 +5287,7 @@ PROJStringSyntaxParser(const std::string &projString, std::vector<Step> &steps,
 
     bool hasProj = false;
     bool hasInit = false;
+    bool hasPipeline = false;
     {
         size_t i = 0;
         while (true) {
@@ -5315,8 +5316,11 @@ PROJStringSyntaxParser(const std::string &projString, std::vector<Step> &steps,
             if (token.empty()) {
                 break;
             }
-            if (!hasProj &&
-                (starts_with(token, "proj=") || starts_with(token, "+proj="))) {
+            if (!hasPipeline &&
+                (token == "proj=pipeline" || token == "+proj=pipeline")) {
+                hasPipeline = true;
+            } else if (!hasProj && (starts_with(token, "proj=") ||
+                                    starts_with(token, "+proj="))) {
                 hasProj = true;
             } else if (!hasInit && (starts_with(token, "init=") ||
                                     starts_with(token, "+init="))) {
@@ -5328,7 +5332,7 @@ PROJStringSyntaxParser(const std::string &projString, std::vector<Step> &steps,
 
     bool prevWasTitle = false;
 
-    if (projString.find("proj=pipeline") == std::string::npos) {
+    if (!hasPipeline) {
         if (hasProj || hasInit) {
             steps.push_back(Step());
         }
-- 
cgit v1.2.3