
heap-buffer-overflow bug caused by user misconfiguration (amcl:min_particles=a large value) #4336

Closed
GoesM opened this issue May 13, 2024 · 0 comments

GoesM commented May 13, 2024

This issue is mainly for adding a ticket for #4005.

Bug report

Required Info:

  • Operating System:
    • Ubuntu 22.04
  • ROS2 Version:
    • humble
  • Version or commit hash:
    • the latest
  • DDS implementation:
    • default

Steps to reproduce issue

Here is our launch command:

source install/setup.bash
source /opt/ros/humble/setup.bash
export TURTLEBOT3_MODEL=waffle
export GAZEBO_MODEL_PATH=$GAZEBO_MODEL_PATH:/opt/ros/humble/share/turtlebot3_gazebo/models
ros2 launch nav2_bringup tb3_simulation_launch.py params_file:=my_nav2_params.yaml

There is only one difference between my_nav2_params.yaml and the default nav2_params.yaml:

#my_nav2_params.yaml
......
nav2_amcl
      ......
    max_particles: 2000  
    min_particles: 905970164
    ......

Expected behavior

no bug occurs

Actual behavior

We get the following ASan report:

=================================================================
==703791==ERROR: AddressSanitizer: calloc parameters overflow: count * size (-1577056804 * 72) cannot be represented in type size_t (thread T0)
    #0 0x58f14baa85a8 in __interceptor_calloc (/home/***/nav2/install/nav2_amcl/lib/nav2_amcl/amcl+0xaa5a8) (BuildId: 3d2122b4d0d935f654c2770d7e58da83885f4906)
    #1 0x7f2c88b92e93 in pf_kdtree_alloc (/home/***/nav2/install/nav2_amcl/lib/libpf_lib.so+0x9e93) (BuildId: 92f6f6da07c69e4e8fdb674a2fb2b39a58de9a00)

==703791==ABORTING

Additional information

According to the following code lines, the value of min_particles might influence the value of max_particles, so it could also lead to the buffer-overflow bug:

if (min_particles_ > max_particles_) {
  RCLCPP_WARN(
    get_logger(), "You've set min_particles to be greater than max particles,"
    " this isn't allowed so max_particles will be set to min_particles.");
  max_particles_ = min_particles_;
}
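As an added example, not code from the issue or from nav2_amcl, the following C program reproduces the arithmetic behind the ASan report above and shows a parameter check that rejects min_particles > max_particles (and particle counts too large for the node array) instead of clamping max_particles up to min_particles. The 72-byte element size is taken from the report; the factor of 3 nodes per particle is inferred from the report's count (-1577056804 is 3 * 905970164 wrapped into a 32-bit int), not read from the project's source; names such as validate_particle_counts, amcl_cfg_t and alloc_kdtree_nodes are hypothetical.

```c
/* Added example, not nav2_amcl's own code. Reproduces the calloc-parameter
 * overflow from the report above and shows a rejecting check in place of the
 * "max_particles will be set to min_particles" clamp. */
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Element size seen in the ASan report ("* 72"). */
#define NODE_SIZE 72u
/* Assumed nodes per particle: 3 * 905970164 wrapped to int gives exactly the
 * report's count of -1577056804. */
#define NODES_PER_PARTICLE 3

typedef struct {
    int min_particles;
    int max_particles;
} amcl_cfg_t;

enum { CFG_OK = 0, CFG_NONPOSITIVE, CFG_MIN_GT_MAX, CFG_TOO_LARGE };

/* Emulate `int count = particles * 3` on a 32-bit int: multiply in 64 bits,
 * then truncate the way a two's-complement int would (gcc/clang define the
 * narrowing conversion as modulo 2^32). Signed overflow is UB in C, so this
 * models the observed wrap rather than performing it. */
static int32_t wrapped_node_count(int32_t particles)
{
    int64_t wide = (int64_t)particles * NODES_PER_PARTICLE;
    return (int32_t)(uint32_t)(uint64_t)wide;
}

/* What calloc(count, size) receives once a negative int is converted to
 * size_t: a count near SIZE_MAX whose product cannot be represented.
 * Returns 1 if count * size fits in size_t, 0 otherwise. */
static int calloc_args_fit(int32_t count, size_t size)
{
    size_t n = (size_t)count;            /* negative -> huge */
    if (size != 0 && n > SIZE_MAX / size)
        return 0;
    return 1;
}

/* Hardened check: reject bad combinations instead of silently raising
 * max_particles to min_particles. */
static int validate_particle_counts(const amcl_cfg_t *cfg)
{
    if (cfg->min_particles <= 0 || cfg->max_particles <= 0)
        return CFG_NONPOSITIVE;
    if (cfg->min_particles > cfg->max_particles)
        return CFG_MIN_GT_MAX;
    /* The node count must fit an int before it is multiplied, and the byte
     * size must fit size_t before it reaches calloc. */
    if (cfg->max_particles > INT_MAX / NODES_PER_PARTICLE)
        return CFG_TOO_LARGE;
    if (!calloc_args_fit(cfg->max_particles * NODES_PER_PARTICLE, NODE_SIZE))
        return CFG_TOO_LARGE;
    return CFG_OK;
}

/* Allocation only after validation; caller frees the result. */
static void *alloc_kdtree_nodes(const amcl_cfg_t *cfg)
{
    if (validate_particle_counts(cfg) != CFG_OK)
        return NULL;
    size_t count = (size_t)cfg->max_particles * NODES_PER_PARTICLE;
    return calloc(count, NODE_SIZE);
}

int main(void)
{
    /* The configuration from the issue (constructed to match the report). */
    amcl_cfg_t issue_cfg = { 905970164, 2000 };

    /* Path the clamp takes: max_particles becomes 905970164, the node count
     * wraps negative, and calloc's count * size overflows size_t. */
    int32_t wrapped = wrapped_node_count(issue_cfg.min_particles);
    printf("clamped node count: %d, calloc args fit: %d\n",
           wrapped, calloc_args_fit(wrapped, NODE_SIZE));

    /* Path a rejecting check takes: the configuration is refused up front. */
    printf("validate: %d (CFG_MIN_GT_MAX is %d)\n",
           validate_particle_counts(&issue_cfg), CFG_MIN_GT_MAX);

    amcl_cfg_t sane = { 500, 2000 };
    void *nodes = alloc_kdtree_nodes(&sane);
    printf("sane config allocated: %s\n", nodes ? "yes" : "no");
    free(nodes);
    return 0;
}
```

The first printed line reproduces the report's count of -1577056804 with a non-representable calloc product; the second shows the same configuration being refused before any allocation happens, which is the behaviour a loader should have for user-controlled sizes.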
