[gegl/gegl-0-2] ppm-load: limit max permitted buffer allocation to 2GB



commit 46efa48fbfb254e5339f8846de9bbe3d40feff97
Author: Øyvind Kolås <pippin gimp org>
Date:   Sat Apr 14 14:26:37 2018 +0200

    ppm-load: limit max permitted buffer allocation to 2GB
    
    Fixing bug #795248

 operations/external/ppm-load.c |   13 +++++++++----
 1 files changed, 9 insertions(+), 4 deletions(-)
---
diff --git a/operations/external/ppm-load.c b/operations/external/ppm-load.c
index 82041e2..0182a92 100644
--- a/operations/external/ppm-load.c
+++ b/operations/external/ppm-load.c
@@ -96,7 +96,8 @@ ppm_load_read_header(FILE       *fp,
 
     /* Get Width and Height */
     errno = 0;
-    img->width  = strtol (header,&ptr,10);
+
+    img->width = strtol (header, &ptr, 10);
     if (errno)
       {
         g_warning ("Error reading width: %s", strerror(errno));
@@ -144,15 +145,19 @@ ppm_load_read_header(FILE       *fp,
     }
 
     /* Later on, img->numsamples is multiplied with img->bpc to allocate
-     * memory. Ensure it doesn't overflow. */
+     * memory. Ensure it doesn't overflow. G_MAXSIZE might have been
+       good enough on 32bit, for now lets just fail if the size is beyond
+       2GB
+     */
+#define MAX_PPM_SIZE (1<<31)
+
     if (!img->width || !img->height ||
-        G_MAXSIZE / img->width / img->height / CHANNEL_COUNT < img->bpc)
+        MAX_PPM_SIZE / img->width / img->height / CHANNEL_COUNT < img->bpc)
       {
         g_warning ("Illegal width/height: %ld/%ld", img->width, img->height);
         return FALSE;
       }
 
-
     img->channels = channel_count;
     img->numsamples = img->width * img->height * channel_count;
 
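Review bot: `#define MAX_PPM_SIZE (1<<31)` shifts a 1 into the sign bit of an `int`, which is undefined behaviour wherever `int` is 32 bits. Compilers commonly evaluate it to INT_MIN; the quotient in the new check is then never positive, so `MAX_PPM_SIZE / img->width / img->height / CHANNEL_COUNT < img->bpc` would hold for any positive dimensions and every image would be rejected (assuming `bpc` is positive, which this hunk does not show). Give the constant an unsigned or wider type, for example `#define MAX_PPM_SIZE (1u << 31)`. The condition also rejects only zero dimensions, and `strtol` can return negative values, so unless they are filtered earlier in `ppm_load_read_header` (its body starts and ends outside this hunk) the guard should read `img->width <= 0 || img->height <= 0 ||`. Finally, the bound divides by `CHANNEL_COUNT` while `numsamples` is computed with `channel_count`, so a short comment stating which of the two is the larger would show that the check really covers the later allocation.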

