Fix integer overflow in tensor dimensions and PPM parser

- util/basics.h: Add overflow check in Extents2D::Area() before
  computing rows*cols. Malicious model files with large dimension
  values could cause a silent size_t overflow, leading to undersized
  allocations and subsequent heap buffer overflows.

- paligemma/image.cc: Add overflow check for width*height*3 in
  ReadPPM(). A crafted PPM file with large dimensions could overflow
  the data_size computation, resulting in an undersized buffer and
  out-of-bounds writes.

- paligemma/image.cc: Add overflow detection in ParseUnsigned() to
  reject values that would overflow size_t during decimal parsing.

Author: sharadboni

paligemma/image.cc

@@ -85,8 +85,11 @@ const char* ParseUnsigned(const char* pos, const char* end, size_t& num) {
   }
   num = 0;
   for (; pos < end && std::isdigit(*pos); ++pos) {
-    num *= 10;
-    num += *pos - '0';
+    const size_t digit = *pos - '0';
+    if (num > (SIZE_MAX - digit) / 10) {
+      return nullptr;  // overflow
+    }
+    num = num * 10 + digit;
   }
   return pos;
 }
@@ -137,6 +140,14 @@ bool Image::ReadPPM(const hwy::Span<const char>& buf) {
     return false;
   }
   ++pos;
+  if (width == 0 || height == 0) {
+    std::cerr << "Invalid zero dimension\n";
+    return false;
+  }
+  if (width > SIZE_MAX / 3 || width * 3 > SIZE_MAX / height) {
+    std::cerr << "Image dimensions overflow\n";
+    return false;
+  }
   const size_t data_size = width * height * 3;
   if (buf.cend() - pos < static_cast<ptrdiff_t>(data_size)) {
     std::cerr << "Insufficient data remaining\n";

util/basics.h

@@ -91,7 +91,12 @@ struct Extents2D {
   constexpr Extents2D() : rows(0), cols(0) {}
   constexpr Extents2D(size_t rows, size_t cols) : rows(rows), cols(cols) {}
 
-  size_t Area() const { return rows * cols; }
+  size_t Area() const {
+    if (rows != 0 && cols > SIZE_MAX / rows) {
+      HWY_ABORT("Tensor dimension overflow: rows=%zu cols=%zu", rows, cols);
+    }
+    return rows * cols;
+  }
 
   size_t rows;
   size_t cols;