Preventing use of zero sized SUSP CE entry which causes SIGSEGV. Debian bug 872590. Thanks Jakub Wilk and American Fuzzy Lop.

libisofs/libisofs.h

@@ -8883,6 +8883,9 @@ int iso_conv_name_chars(IsoWriteOpts *opts, char *name, size_t name_len,
 /** Unable to obtain root directory                       (FATAL,HIGH, -418) */
 #define ISO_NO_ROOT_DIR             0xF030FE5E
 
+/** Zero sized or oversized SUSP CE area found         (FAILURE, HIGH, -419) */
+#define ISO_SUSP_WRONG_CE_SIZE      0xE830FE5D
+
 
 /* Internal developer note: 
    Place new error codes directly above this comment. 

libisofs/messages.c

@@ -549,6 +549,8 @@ const char *iso_error_to_msg(int errcode)
         return "Unrecognized GPT disk GUID setup mode";
     case ISO_NO_ROOT_DIR:
         return "Unable to obtain root directory";
+    case ISO_SUSP_WRONG_CE_SIZE:
+        return "Zero sized or oversized SUSP CE area found";
     default:
         return "Unknown error";
     }

libisofs/rockridge_read.c

@@ -97,8 +97,10 @@ int susp_iter_next(SuspIterator *iter, struct susp_sys_user_entry **sue,
         if (iter->ce_len) {
             uint32_t block, nblocks;
 
-            /* A CE has found, there is another continuation area */
+            /* A CE was found, there is another continuation area */
             nblocks = DIV_UP(iter->ce_off + iter->ce_len, BLOCK_SIZE);
+            if (nblocks <= 0)
+                return ISO_SUSP_WRONG_CE_SIZE;
             iter->buffer = realloc(iter->buffer, nblocks * BLOCK_SIZE);
 
             /* read all blocks needed to cache the full CE */