Fix large heap allocation during load broken files.

Author: Vol-Alex

kaitai/kaitaistream.cpp

@@ -379,19 +379,22 @@ uint64_t kaitai::kstream::get_mask_ones(int n) {
 // ========================================================================
 
 std::string kaitai::kstream::read_bytes(std::streamsize len) {
-    std::vector<char> result(len);
-
     // NOTE: streamsize type is signed, negative values are only *supposed* to not be used.
     // http://en.cppreference.com/w/cpp/io/streamsize
     if (len < 0) {
         throw std::runtime_error("read_bytes: requested a negative amount");
     }
-
-    if (len > 0) {
-        m_io->read(&result[0], len);
+    else if (len == 0) {
+        return std::string();
+    }
+    else if (len > size()) {
+        throw std::runtime_error("read_bytes: requested length greater than stream size");
     }
 
-    return std::string(result.begin(), result.end());
+    std::string result(len, 0);
+    m_io->read(&result[0], len);
+
+    return result;
 }
 
 std::string kaitai::kstream::read_bytes_full() {