Merge pull request Exiv2#3514 from kevinbackhouse/fix-issue-3513

kevinbackhouse · web-flow · commit 659db316eef7 · 2026-02-27T13:19:45.000Z
Add enforce to check for integer overflow
diff --git a/src/psdimage.cpp b/src/psdimage.cpp
@@ -284,6 +284,9 @@ void PsdImage::readResourceBlock(uint16_t resourceId, uint32_t resourceSize) {
       nativePreview.height_ = getLong(buf + 8, bigEndian);
       const uint32_t format = getLong(buf + 0, bigEndian);
 
+      Internal::enforce(nativePreview.size_ <= static_cast<size_t>(std::numeric_limits<long>::max()),
+                        Exiv2::ErrorCode::kerCorruptedMetadata);
+
       if (nativePreview.size_ > 0 && nativePreview.position_ > 0) {
         io_->seek(static_cast<long>(nativePreview.size_), BasicIo::cur);
         if (io_->error() || io_->eof())
diff --git a/test/data/issue_3513_poc.psd b/test/data/issue_3513_poc.psd
diff --git a/tests/bugfixes/github/test_issue_3513.py b/tests/bugfixes/github/test_issue_3513.py
@@ -0,0 +1,17 @@
+# -*- coding: utf-8 -*-
+
+import system_tests
+
+
+class test_issue_3513_PsdImage_readResourceBlock(metaclass=system_tests.CaseMeta):
+    url = "https://github.com/Exiv2/exiv2/issues/3513"
+
+    filename = "$data_path/issue_3513_poc.psd"
+    commands = ["$exiv2 -pp $filename"]
+    retval = [1]
+    stderr = [
+        """$exiv2_exception_message $filename:
+$kerCorruptedMetadata
+"""
+    ]
+    stdout = [""]
diff --git a/tests/regression_tests/test_regression_allfiles.py b/tests/regression_tests/test_regression_allfiles.py
@@ -126,6 +126,7 @@ def get_valid_files(data_dir):
         "pocIssue283.jpg",
         "poc_1522.jp2",
         "xmpsdk.xmp",
+        "issue_3513_poc.psd",
         "crash-23eba73bb01cb01caa96a389eb12955c34b98a37.jpg",
         "issue_3511_poc.eps",
         # large file that creates 11Mb of output so let's exclude it
