From 5a49a4492e507d7a3313ac59af5b010084eda4fb Mon Sep 17 00:00:00 2001
From: andy5995 <andy400-dev@yahoo.com>
Date: Thu, 27 Sep 2018 13:52:18 -0500
Subject: [PATCH] g2xml.c:fix CWE-606:Unchecked Input for Loop Condition

---
 source/tools/glexemel/g2xml.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/source/tools/glexemel/g2xml.c b/source/tools/glexemel/g2xml.c
index 0150b92a5..ee8388538 100644
--- a/source/tools/glexemel/g2xml.c
+++ b/source/tools/glexemel/g2xml.c
@@ -23,7 +23,12 @@
 #define FALSE 0
 #endif
 
-
+/*
+ * Set a boundary on the indexCount
+ * to prevent
+ * CWE-606: Unchecked Input for Loop Condition
+ */
+#define INDEX_COUNT_MAX 10000
 
  /**
   * Forward function declarations.
@@ -311,6 +316,10 @@ int g3d2xml(FILE *infile, FILE *outfile) {
 
 		/* read / write face indices */
 		nBytes = sizeof(uint32)*meshHeader.indexCount;
+		if (meshHeader.indexCount > INDEX_COUNT_MAX) {
+			printf ("Index Count exceeds INDEX_COUNT_MAX (%u)\n", INDEX_COUNT_MAX);
+			return FALSE;
+		}
 		idata = malloc(nBytes);
 		if (idata == NULL) {
 			printf("Could not allocate buffer!\n");