Fix CVE-2025-2926

An image size was corrupted and decoded as 0 resulting in a NULL image buffer,
which caused a NULL pointer dereference when the image being copied to the buffer.
The invalid image size was caught in the PR #5710.  This change catches right
before the copying.

Fixes GH issue #5384

Author: bmribler

src/H5Centry.c

@@ -1007,7 +1007,8 @@ H5C__load_entry(H5F_t *f,
     /* Call the get_initial_load_size callback, to retrieve the initial size of image */
     if (type->get_initial_load_size(udata, &len) < 0)
         HGOTO_ERROR(H5E_CACHE, H5E_CANTGET, NULL, "can't retrieve image size");
-    assert(len > 0);
+    if (len == 0)
+        HGOTO_ERROR(H5E_CACHE, H5E_BADVALUE, NULL, "invalid size of image");
 
     /* Check for possible speculative read off the end of the file */
     if (type->flags & H5C__CLASS_SPECULATIVE_LOAD_FLAG)