Add checks on the available ROD data before access

src/ROBFragmentNoTemplates.cxx

@@ -75,7 +75,6 @@ eformat::read::ROBFragment::check_rob_impl (const uint16_t version,
     if(exc) throw ex;
     result = false;
   }
-  
   return result;
 }
 
@@ -98,12 +97,18 @@ eformat::read::ROBFragment::check_rod_impl (const uint16_t version,
   bool result = true;
 
   try{
-    if ( rod_version() >> 16 != version ) {
-      throw EFORMAT_BAD_ROD_VERSION(rod_version() >> 16, version);
+
+    //First check there at least enough ROD data to check the next field
+    if ( payload_size_word() < 2){
+      throw EFORMAT_ROD_SIZE_CHECK(2, payload_size_word());
     }
+
     if ( rod_header_size_word() != 9 ) {
       throw EFORMAT_SIZE_CHECK(9, rod_header_size_word());
     }
+    if ( rod_version() >> 16 != version ) {
+      throw EFORMAT_BAD_ROD_VERSION(rod_version() >> 16, version);
+    }
     if ( rod_fragment_size_word() != 12 + rod_nstatus() + rod_ndata() ) {
       throw EFORMAT_ROD_SIZE_CHECK(rod_fragment_size_word(),
 				   (12 + rod_nstatus() + rod_ndata()));
@@ -174,6 +179,13 @@ void eformat::read::ROBFragment::rod_problems
   (std::vector<eformat::FragmentProblem>& p, const uint16_t version) const 
 {
   //ROD stuff
+  if(payload_size_word() < 3) {
+    // The ROD fragment is smaller than the header size, it is not safe to
+    // try to access the fields below, we skip the following checks
+    p.push_back(eformat::WRONG_ROD_FRAGMENT_SIZE);
+    return;
+  }
+
   if (rod_marker() != eformat::ROD) p.push_back(eformat::WRONG_ROD_MARKER); 
   if (rod_version() >> 16 != version)
     p.push_back(eformat::UNSUPPORTED_ROD_VERSION);