[gegl] ppm-load: limit max permitted buffer allocation to 2GB

[Øyvind Kolås <ok src gnome org>]

commit c83b05d565a1e3392c9606a4ecaa560eb9a4ee29
Author: Øyvind Kolås <pippin gimp org>
Date:   Sat Apr 14 14:26:37 2018 +0200

    ppm-load: limit max permitted buffer allocation to 2GB
    
    Fixing bug #795248

 operations/external/ppm-load.c |   11 ++++++++---
 1 files changed, 8 insertions(+), 3 deletions(-)
---
diff --git a/operations/external/ppm-load.c b/operations/external/ppm-load.c
index 5d4a408..3b14382 100644
--- a/operations/external/ppm-load.c
+++ b/operations/external/ppm-load.c
@@ -94,6 +94,7 @@ ppm_load_read_header(FILE       *fp,
 
     /* Get Width and Height */
     errno = 0;
+
     img->width = strtol (header, &ptr, 10);
     if (errno)
       {
@@ -144,15 +145,19 @@ ppm_load_read_header(FILE       *fp,
     }
 
     /* Later on, img->numsamples is multiplied with img->bpc to allocate
-     * memory. Ensure it doesn't overflow. */
+     * memory. Ensure it doesn't overflow. G_MAXSIZE might have been
+       good enough on 32bit, for now lets just fail if the size is beyond
+       2GB
+     */
+#define MAX_PPM_SIZE (1<<31)
+
     if (!img->width || !img->height ||
-        G_MAXSIZE / img->width / img->height / CHANNEL_COUNT < img->bpc)
+        MAX_PPM_SIZE / img->width / img->height / CHANNEL_COUNT < img->bpc)
       {
         g_warning ("Illegal width/height: %ld/%ld", img->width, img->height);
         return FALSE;
       }
 
-
     img->channels = channel_count;
     img->numsamples = img->width * img->height * channel_count;