abort when file claims to have excessive scanline data requirements

Signed-off-by: Peter Hillman <[email protected]>

OpenEXR/IlmImf/ImfMisc.cpp

@@ -114,9 +114,9 @@ bytesPerLineTable (const Header &header,
 	 c != channels.end();
 	 ++c)
     {
-	int nBytes = pixelTypeSize (c.channel().type) *
-		     (dataWindow.max.x - dataWindow.min.x + 1) /
-		     c.channel().xSampling;
+	size_t nBytes = size_t(pixelTypeSize (c.channel().type)) *
+		     size_t(dataWindow.max.x - dataWindow.min.x + 1) /
+		     size_t(c.channel().xSampling);
 
 	for (int y = dataWindow.min.y, i = 0; y <= dataWindow.max.y; ++y, ++i)
 	    if (modp (y, c.channel().ySampling) == 0)

OpenEXR/IlmImf/ImfScanLineInputFile.cpp

@@ -1122,6 +1122,12 @@ void ScanLineInputFile::initialize(const Header& header)
 
         size_t maxBytesPerLine = bytesPerLineTable (_data->header,
                                                     _data->bytesPerLine);
+
+        if(maxBytesPerLine > INT_MAX)
+        {
+            throw IEX_NAMESPACE::InputExc("maximum bytes per scanline exceeds maximum permissible size");
+        }
+
 
         for (size_t i = 0; i < _data->lineBuffers.size(); i++)
         {
@@ -1156,6 +1162,8 @@ void ScanLineInputFile::initialize(const Header& header)
     }
     catch (...)
     {
+        if (_data->partNumber == -1)
+           delete _streamData;
         delete _data;
         _data=NULL;
         throw;