<div dir="ltr">It's possible to cause massive allocations with a tiny corrupted grib file causing an out-of-memory.  I found that case with the llvm ASAN fuzzer.  If you have a specification that gives a more reasoned maximum or a better overall check, I'm listening.  I definitely think the sanity checking can be improved.  Mostly I just try to survive the g2clib code.  It doesn't come with tests and digging through GRIB specs to match up to g2clib source isn't my favorite thing to do.<div><br></div><div><a href="https://github.com/OSGeo/gdal/commit/ae92f7fb8e32381124a37588d27b9af695afce20">https://github.com/OSGeo/gdal/commit/ae92f7fb8e32381124a37588d27b9af695afce20</a><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Nov 7, 2017 at 1:22 PM, Roarke Gaskill <span dir="ltr"><<a href="mailto:roarke.gaskill@weather.com" target="_blank">roarke.gaskill@weather.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi,<div><br></div><div>Why is the number of points greater than 33554432 considered nonsense?</div><div><br></div><div><a href="https://github.com/OSGeo/gdal/blob/trunk/gdal/frmts/grib/degrib18/g2clib-1.0.4/g2_unpack5.c#L77" target="_blank">https://github.com/OSGeo/gdal/<wbr>blob/trunk/gdal/frmts/grib/<wbr>degrib18/g2clib-1.0.4/g2_<wbr>unpack5.c#L77</a></div><div><br></div><div><br></div><div>Thanks,</div><div>Roarke</div><div><br clear="all"><div><br></div>
</div></div>
<br>______________________________<wbr>_________________<br>
gdal-dev mailing list<br>
<a href="mailto:gdal-dev@lists.osgeo.org">gdal-dev@lists.osgeo.org</a><br>
<a href="https://lists.osgeo.org/mailman/listinfo/gdal-dev" rel="noreferrer" target="_blank">https://lists.osgeo.org/<wbr>mailman/listinfo/gdal-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">--<div><a href="http://schwehr.org" target="_blank">http://schwehr.org</a></div></div>
</div>