Open
Description
Today (Sept 12th 2025), OSS-Fuzz has reported 5 bugs in 2 projects and they all pertain to either a null-ptr deref in std::reverse() or an unsigned-integer-overflow in std::sort(). The part of the code where they triggered didn't change recently, so I'm 99.99% sure that the issue comes from a change in libc++.
Cf https://issues.oss-fuzz.com/issues/444479996:
==410==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5af6d823c69d bp 0x7fff0c6051f0 sp 0x7fff0c6051a0 T0)
==410==The signal is caused by a READ memory access.
==410==Hint: address points to the zero page.
SCARINESS: 10 (null-deref)
#0 0x5af6d823c69d in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>::basic_string[abi:ne220000](std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&&) /usr/local/include/c++/v1/string:1020:9
#1 0x5af6d823c69d in osgeo::proj::io::Step::Step(osgeo::proj::io::Step&&) [gdal/proj/src/iso19111/io.cpp:8523](https://github.com/OSGeo/gdal/blob/bf5208961b6217680e54183ef466c9ab1f90aabd/proj/src/iso19111/io.cpp#L8523):8
#2 0x5af6d823c69d in std::__1::enable_if<is_move_constructible<osgeo::proj::io::Step>::value && is_move_assignable<osgeo::proj::io::Step>::value, void>::type std::__1::swap[abi:ne220000]<osgeo::proj::io::Step>(osgeo::proj::io::Step&, osgeo::proj::io::Step&) /usr/local/include/c++/v1/__utility/swap.h:43:7
#3 0x5af6d8241663 in void std::__1::iter_swap[abi:ne220000]<std::__1::__wrap_iter<osgeo::proj::io::Step*>, std::__1::__wrap_iter<osgeo::proj::io::Step*>>(std::__1::__wrap_iter<osgeo::proj::io::Step*>, std::__1::__wrap_iter<osgeo::proj::io::Step*>) /usr/local/include/c++/v1/__algorithm/iter_swap.h:26:3
#4 0x5af6d8241663 in void std::__1::_IterOps<std::__1::_ClassicAlgPolicy>::iter_swap[abi:ne220000]<std::__1::__wrap_iter<osgeo::proj::io::Step*>&, std::__1::__wrap_iter<osgeo::proj::io::Step*>&>(std::__1::__wrap_iter<osgeo::proj::io::Step*>&, std::__1::__wrap_iter<osgeo::proj::io::Step*>&) /usr/local/include/c++/v1/__algorithm/iterator_operations.h:138:5
#5 0x5af6d8241663 in void std::__1::__reverse_impl[abi:ne220000]<std::__1::_ClassicAlgPolicy, std::__1::__wrap_iter<osgeo::proj::io::Step*>>(std::__1::__wrap_iter<osgeo::proj::io::Step*>, std::__1::__wrap_iter<osgeo::proj::io::Step*>, std::__1::random_access_iterator_tag) /usr/local/include/c++/v1/__algorithm/reverse.h:43:7
#6 0x5af6d8241663 in void std::__1::__reverse[abi:ne220000]<std::__1::_ClassicAlgPolicy, std::__1::__wrap_iter<osgeo::proj::io::Step*>, std::__1::__wrap_iter<osgeo::proj::io::Step*>>(std::__1::__wrap_iter<osgeo::proj::io::Step*>, std::__1::__wrap_iter<osgeo::proj::io::Step*>) /usr/local/include/c++/v1/__algorithm/reverse.h:49:3
#7 0x5af6d8241663 in void std::__1::reverse[abi:ne220000]<std::__1::__wrap_iter<osgeo::proj::io::Step*>>(std::__1::__wrap_iter<osgeo::proj::io::Step*>, std::__1::__wrap_iter<osgeo::proj::io::Step*>) /usr/local/include/c++/v1/__algorithm/reverse.h:55:3
and https://issues.oss-fuzz.com/issues/444622226:
/usr/local/bin/../include/c++/v1/__algorithm/sort.h:864:37: runtime error: unsigned integer overflow: 2 * 18446744073709551615 cannot be represented in type 'unsigned long'
#0 0x5976239270a7 in __sort_dispatch<std::__1::_ClassicAlgPolicy, PDFDataset::LayerStruct *, (lambda at /src/gdal/frmts/pdf/pdfdataset.cpp:3585:15)> /usr/local/include/c++/v1/__algorithm/sort.h:864:37
#1 0x5976239270a7 in __sort_impl<std::__1::_ClassicAlgPolicy, std::__1::__wrap_iter<PDFDataset::LayerStruct *>, (lambda at /src/gdal/frmts/pdf/pdfdataset.cpp:3585:15)> /usr/local/include/c++/v1/__algorithm/sort.h:934:5
#2 0x5976239270a7 in sort<std::__1::__wrap_iter<PDFDataset::LayerStruct *>, (lambda at /src/gdal/frmts/pdf/pdfdataset.cpp:3585:15)> /usr/local/include/c++/v1/__algorithm/sort.h:942:3
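Added illustration (not GDAL, PROJ or libc++ code, and not a finding about the call site at pdfdataset.cpp:3585): the UBSan operand `2 * 18446744073709551615` is `2 * SIZE_MAX`, and one way a length of SIZE_MAX arises is a range with `last < first`, whose signed distance of -1 becomes SIZE_MAX when converted to an unsigned count. The hypothetical `check_range` and `safe_sort` helpers below show that conversion on a constructed inverted pointer range and how a caller can refuse such a range before handing it to std::sort; whether this is what happens in the reported cases is not established here.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <functional>
#include <iterator>

// Hypothetical helper (not from any project on this page): compute the range
// length the way a sort implementation does, i.e. as an unsigned count, and
// report whether doubling that count would wrap. A signed distance of -1
// converts to SIZE_MAX, so 2 * len is exactly the operand UBSan printed.
struct RangeCheck {
    std::size_t len;      // distance converted to an unsigned count
    bool inverted;        // true when last < first
    bool doubling_wraps;  // true when 2 * len would exceed SIZE_MAX
};

template <class It>
RangeCheck check_range(It first, It last) {
    // difference_type is signed; for pointers into one array this is defined
    // even when last < first.
    auto dist = std::distance(first, last);
    RangeCheck r;
    r.inverted = dist < 0;
    r.len = static_cast<std::size_t>(dist);  // -1 becomes 18446744073709551615
    r.doubling_wraps = r.len > SIZE_MAX / 2;
    return r;
}

// Hypothetical guard: sort only a well-formed range, otherwise report failure
// instead of passing an inverted range (and a SIZE_MAX length) to std::sort.
template <class It, class Cmp>
bool safe_sort(It first, It last, Cmp cmp) {
    if (check_range(first, last).inverted) {
        return false;
    }
    std::sort(first, last, cmp);
    return true;
}

// Constructed sample: a four-element array and an inverted sub-range of it.
int sample_sorted_first() {
    int a[4] = {3, 1, 2, 0};
    safe_sort(a, a + 4, std::less<int>());
    return a[0];  // 0 after sorting
}
```

The guard is deliberately a caller-side check: std::sort has no defined behaviour for an inverted range, so the place to reject one is before the call, where the iterators are built.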