Sanity checks (fuzzer)

I ran a stupid fuzzer on all the plugins in the repo and some plugins needs more sanity checks.

- RAS: fixed palette reading on corrupted files
- RGB: improved error detection on datastream

This patch improves the reading speed of some corrupted files and limit the maximum memory allocation of RAS palette.

src/imageformats/ras.cpp

@@ -221,9 +221,16 @@ static bool LoadRAS(QDataStream &s, const RasHeader &ras, QImage &img)
 
     // Read palette if needed.
     if (ras.ColorMapType == RAS_COLOR_MAP_TYPE_RGB) {
+        // max 256 rgb elements palette is supported
+        if (ras.ColorMapLength > 768) {
+            return false;
+        }
         QList<quint8> palette(ras.ColorMapLength);
         for (quint32 i = 0; i < ras.ColorMapLength; ++i) {
             s >> palette[i];
+            if (s.status() != QDataStream::Ok) {
+                return false;
+            }
         }
         QList<QRgb> colorTable;
         for (quint32 i = 0, n = ras.ColorMapLength / 3; i < n; ++i) {
@@ -233,9 +240,6 @@ static bool LoadRAS(QDataStream &s, const RasHeader &ras, QImage &img)
             colorTable << qRgb(255, 255, 255);
         }
         img.setColorTable(colorTable);
-        if (s.status() != QDataStream::Ok) {
-            return false;
-        }
     }
 
     LineDecoder dec(s.device(), ras);

src/imageformats/rgb.cpp

@@ -360,11 +360,15 @@ bool SGIImage::readImage(QImage &img)
         }
 
         _lengthtab = new quint32[_numrows];
-        for (l = 0; l < _numrows; l++) {
+        for (l = 0; !_stream.atEnd() && l < _numrows; l++) {
             _stream >> _lengthtab[l];
         }
     }
 
+    if (_stream.status() != QDataStream::Ok) {
+        return false;
+    }
+
     _data = _dev->readAll();
 
     // sanity check