[PATCH] ReadKey() should patch keyptr->gk_count when GeoKey is corrupted

[rouault]

Currently, gdalinfo on the attached GeoTIFF with a corrupted GeoTIFF tag will cause the following Valgrind error :

==25391== Invalid read of size 1
==25391==    at 0x4024B30: memcpy (mc_replace_strmem.c:402)
==25391==    by 0x43B6D0E: _TIFFmemcpy (tif_vsi.c:180)
==25391==    by 0x4211236: _GTIFmemcpy (geo_tiffp.c:57)
==25391==    by 0x42098F7: GTIFKeyGet (geo_get.c:170)
==25391==    by 0x4247B41: GTIFGetOGISDefn (gt_wkt_srs.cpp:354)
==25391==    by 0x4218D92: GTiffDataset::LookForProjection() (geotiff.cpp:4255)
==25391==    by 0x421900F: GTiffDataset::GetProjectionRef() (geotiff.cpp:6556)
==25391==    by 0x43EDDCD: GDALGetProjectionRef (gdaldataset.cpp:760)
==25391==    by 0x804A1E7: main (gdalinfo.c:196)
==25391==  Address 0x6b0bc22 is 14 bytes after a block of size 68 alloc'd
==25391==    at 0x4022AB8: malloc (vg_replace_malloc.c:207)
==25391==    by 0x443D4C0: VSIMalloc (cpl_vsisimple.cpp:300)
==25391==    by 0x43B6C5F: _TIFFmalloc (tif_vsi.c:156)
==25391==    by 0x42111B5: _GTIFcalloc (geo_tiffp.c:45)
==25391==    by 0x420A431: ReadKey (geo_new.c:247)
==25391==    by 0x420A188: GTIFNewWithMethods (geo_new.c:164)
==25391==    by 0x4209EBE: GTIFNew (geo_new.c:60)
==25391==    by 0x4218D33: GTiffDataset::LookForProjection() (geotiff.cpp:4244)
==25391==    by 0x421900F: GTiffDataset::GetProjectionRef() (geotiff.cpp:6556)
==25391==    by 0x43EDDCD: GDALGetProjectionRef (gdaldataset.cpp:760)
==25391==    by 0x804A1E7: main (gdalinfo.c:196)

The attached patch updates keyptr->gk_count with the updated count value.

[warmerdam]

Patch applied in trunk (r1637), thanks Even.

[warmerdam]

The previous patch sometimes left gk_count being one too high. This resulted in listgeo output that was unparsable by GTIFImport(). I have patched this in trunk (r1729).

I don't believe this bug went out in any non-beta releases.