From 2366a528aa1bce3f9ccfea5940154dc7c6c947be Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Mon, 28 Oct 2019 15:12:20 +0100
Subject: createOperations(): avoid infinite recursion in a super weird case.
 Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18587

---
 test/unit/test_operation.cpp | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'test/unit/test_operation.cpp')

diff --git a/test/unit/test_operation.cpp b/test/unit/test_operation.cpp
index 8805e6a1..739d8ec3 100644
--- a/test/unit/test_operation.cpp
+++ b/test/unit/test_operation.cpp
@@ -7652,6 +7652,26 @@ TEST(operation, createOperation_on_crs_with_bound_crs_and_wktext) {
 
 // ---------------------------------------------------------------------------
 
+TEST(operation, createOperation_ossfuzz_18587) {
+    auto objSrc =
+        createFromUserInput("EPSG:4326", DatabaseContext::create(), false);
+    auto src = nn_dynamic_pointer_cast<CRS>(objSrc);
+    ASSERT_TRUE(src != nullptr);
+
+    // Extremly weird string ! We should likely reject it
+    auto objDst = PROJStringParser().createFromPROJString(
+        "type=crs proj=pipeline step proj=merc vunits=m nadgrids=@x "
+        "proj=\"\nproj=pipeline step\n\"");
+    auto dst = nn_dynamic_pointer_cast<CRS>(objDst);
+    ASSERT_TRUE(dst != nullptr);
+
+    // Just check that we don't go into an infinite recursion
+    CoordinateOperationFactory::create()->createOperation(NN_CHECK_ASSERT(src),
+                                                          NN_CHECK_ASSERT(dst));
+}
+
+// ---------------------------------------------------------------------------
+
 TEST(operation, mercator_variant_A_to_variant_B) {
     auto projCRS = ProjectedCRS::create(
         PropertyMap(), GeographicCRS::EPSG_4326,
-- 
cgit v1.2.3