HDF4-EOS: fix heap-buffer-overflow

rouault · rouault · commit 184f77dbcc74 · 2026-04-15T16:47:03.000+02:00
Fixes #14363
diff --git a/autotest/gcore/data/hdf4/issue_14363.he4 b/autotest/gcore/data/hdf4/issue_14363.he4
diff --git a/autotest/gcore/hdf4_read.py b/autotest/gcore/hdf4_read.py
@@ -607,3 +607,15 @@ def test_hdf4_gh_14356():
         pytest.skip()
 
     gdal.Open("data/hdf4/issue_14356.he4")
+
+
+###############################################################################
+# Test bugfix for https://github.com/OSGeo/gdal/issues/14363
+
+
+def test_hdf4_gh_14363():
+
+    if gdaltest.hdf4_drv is None:
+        pytest.skip()
+
+    gdal.Open("data/hdf4/issue_14363.he4")
diff --git a/autotest/gcore/hdf4multidim.py b/autotest/gcore/hdf4multidim.py
@@ -541,3 +541,14 @@ def test_hdf4_multidim_gh_14356():
     ds = gdal.OpenEx("data/hdf4/issue_14356.he4", gdal.OF_MULTIDIM_RASTER)
 
     gdal.MultiDimInfo(ds)
+
+
+###############################################################################
+# Test bugfix for https://github.com/OSGeo/gdal/issues/14363
+
+
+def test_hdf4_multidim_gh_14363():
+
+    ds = gdal.OpenEx("data/hdf4/issue_14363.he4", gdal.OF_MULTIDIM_RASTER)
+
+    gdal.MultiDimInfo(ds)
diff --git a/frmts/hdf4/hdf-eos/GDapi.c b/frmts/hdf4/hdf-eos/GDapi.c
@@ -3147,7 +3147,10 @@ GDnentries(int32 gridID, int32 entrycode, int32 * strbufsize)
 		     * Get all string values Don't count quotes
 		     */
 		    EHgetmetavalue(metaptrs, &valName[i][0], utlstr);
-		    *strbufsize += (int32)strlen(utlstr) - 2;
+		    if( utlstr[0] == '"' && utlstr[strlen(utlstr)-1] == '"' )
+		        *strbufsize += (int32)strlen(utlstr) - 2;
+		    else
+		        *strbufsize += (int32)strlen(utlstr);
 		}
 		/* Increment number of entries */
 		nEntries++;
